search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix race in dynamic handler configs (reentrancy) (fixes #2774)
[lighttpd.git] / src / mod_fastcgi.c
blobce47cdaeb62bbfd9a1f5f23696a5044ba9afa571
1 #include "first.h"
2
3 #include "buffer.h"
4 #include "server.h"
5 #include "keyvalue.h"
6 #include "log.h"
7
8 #include "http_chunk.h"
9 #include "fdevent.h"
10 #include "connections.h"
11 #include "response.h"
12 #include "joblist.h"
13
14 #include "plugin.h"
15
16 #include "inet_ntop_cache.h"
17 #include "stat_cache.h"
18 #include "status_counter.h"
19
20 #include <sys/types.h>
21 #include <unistd.h>
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <string.h>
25 #include <stdlib.h>
26 #include <ctype.h>
27 #include <assert.h>
28 #include <signal.h>
29
30 #ifdef HAVE_FASTCGI_FASTCGI_H
31 # include <fastcgi/fastcgi.h>
32 #else
33 # ifdef HAVE_FASTCGI_H
34 # include <fastcgi.h>
35 # else
36 # include "fastcgi.h"
37 # endif
38 #endif /* HAVE_FASTCGI_FASTCGI_H */
39
40 #include <stdio.h>
41
42 #include "sys-socket.h"
43
44 #ifdef HAVE_SYS_UIO_H
45 #include <sys/uio.h>
46 #endif
47 #ifdef HAVE_SYS_WAIT_H
48 #include <sys/wait.h>
49 #endif
50
51 /*
52 *
53 * TODO:
54 *
55 * - add timeout for a connect to a non-fastcgi process
56 * (use state_timestamp + state)
57 *
58 */
59
60 typedef struct fcgi_proc {
61 size_t id; /* id will be between 1 and max_procs */
62 buffer *unixsocket; /* config.socket + "-" + id */
63 unsigned port; /* config.port + pno */
64
65 buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debugging purposes */
66
67 pid_t pid; /* PID of the spawned process (0 if not spawned locally) */
68
69
70 size_t load; /* number of requests waiting on this process */
71
72 size_t requests; /* see max_requests */
73 struct fcgi_proc *prev, *next; /* see first */
74
75 time_t disabled_until; /* this proc is disabled until, use something else until then */
76
77 int is_local;
78
79 enum {
80 PROC_STATE_UNSET, /* init-phase */
81 PROC_STATE_RUNNING, /* alive */
82 PROC_STATE_OVERLOADED, /* listen-queue is full,
83 don't send anything to this proc for the next 2 seconds */
84 PROC_STATE_DIED_WAIT_FOR_PID, /* */
85 PROC_STATE_DIED, /* marked as dead, should be restarted */
86 PROC_STATE_KILLED /* was killed as we don't have the load anymore */
87 } state;
88 } fcgi_proc;
89
90 typedef struct {
91 /* the key that is used to reference this value */
92 buffer *id;
93
94 /* list of processes handling this extension
95 * sorted by lowest load
96 *
97 * whenever a job is done move it up in the list
98 * until it is sorted, move it down as soon as the
99 * job is started
100 */
101 fcgi_proc *first;
102 fcgi_proc *unused_procs;
103
104 /*
105 * spawn at least min_procs, at max_procs.
106 *
107 * as soon as the load of the first entry
108 * is max_load_per_proc we spawn a new one
109 * and add it to the first entry and give it
110 * the load
111 *
112 */
113
114 unsigned short max_procs;
115 size_t num_procs; /* how many procs are started */
116 size_t active_procs; /* how many of them are really running, i.e. state = PROC_STATE_RUNNING */
117
118 /*
119 * time after a disabled remote connection is tried to be re-enabled
120 *
121 *
122 */
123
124 unsigned short disable_time;
125
126 /*
127 * some fastcgi processes get a little bit larger
128 * than wanted. max_requests_per_proc kills a
129 * process after a number of handled requests.
130 *
131 */
132 size_t max_requests_per_proc;
133
134
135 /* config */
136
137 /*
138 * host:port
139 *
140 * if host is one of the local IP adresses the
141 * whole connection is local
142 *
143 * if port is not 0, and host is not specified,
144 * "localhost" (INADDR_LOOPBACK) is assumed.
145 *
146 */
147 buffer *host;
148 unsigned short port;
149 sa_family_t family;
150
151 /*
152 * Unix Domain Socket
153 *
154 * instead of TCP/IP we can use Unix Domain Sockets
155 * - more secure (you have fileperms to play with)
156 * - more control (on locally)
157 * - more speed (no extra overhead)
158 */
159 buffer *unixsocket;
160
161 /* if socket is local we can start the fastcgi
162 * process ourself
163 *
164 * bin-path is the path to the binary
165 *
166 * check min_procs and max_procs for the number
167 * of process to start up
168 */
169 buffer *bin_path;
170
171 /* bin-path is set bin-environment is taken to
172 * create the environement before starting the
173 * FastCGI process
174 *
175 */
176 array *bin_env;
177
178 array *bin_env_copy;
179
180 /*
181 * docroot-translation between URL->phys and the
182 * remote host
183 *
184 * reasons:
185 * - different dir-layout if remote
186 * - chroot if local
187 *
188 */
189 buffer *docroot;
190
191 /*
192 * check_local tells you if the phys file is stat()ed
193 * or not. FastCGI doesn't care if the service is
194 * remote. If the web-server side doesn't contain
195 * the fastcgi-files we should not stat() for them
196 * and say '404 not found'.
197 */
198 unsigned short check_local;
199
200 /*
201 * append PATH_INFO to SCRIPT_FILENAME
202 *
203 * php needs this if cgi.fix_pathinfo is provided
204 *
205 */
206
207 unsigned short break_scriptfilename_for_php;
208
209 /*
210 * workaround for program when prefix="/"
211 *
212 * rule to build PATH_INFO is hardcoded for when check_local is disabled
213 * enable this option to use the workaround
214 *
215 */
216
217 unsigned short fix_root_path_name;
218
219 /*
220 * If the backend includes X-Sendfile in the response
221 * we use the value as filename and ignore the content.
222 *
223 */
224 unsigned short xsendfile_allow;
225 array *xsendfile_docroot;
226
227 ssize_t load; /* replace by host->load */
228
229 size_t max_id; /* corresponds most of the time to
230 num_procs.
231
232 only if a process is killed max_id waits for the process itself
233 to die and decrements it afterwards */
234
235 buffer *strip_request_uri;
236
237 unsigned short kill_signal; /* we need a setting for this as libfcgi
238 applications prefer SIGUSR1 while the
239 rest of the world would use SIGTERM
240 *sigh* */
241
242 int listen_backlog;
243 int refcount;
244 } fcgi_extension_host;
245
246 /*
247 * one extension can have multiple hosts assigned
248 * one host can spawn additional processes on the same
249 * socket (if we control it)
250 *
251 * ext -> host -> procs
252 * 1:n 1:n
253 *
254 * if the fastcgi process is remote that whole goes down
255 * to
256 *
257 * ext -> host -> procs
258 * 1:n 1:1
259 *
260 * in case of PHP and FCGI_CHILDREN we have again a procs
261 * but we don't control it directly.
262 *
263 */
264
265 typedef struct {
266 buffer *key; /* like .php */
267
268 int note_is_sent;
269 int last_used_ndx;
270
271 fcgi_extension_host **hosts;
272
273 size_t used;
274 size_t size;
275 } fcgi_extension;
276
277 typedef struct {
278 fcgi_extension **exts;
279
280 size_t used;
281 size_t size;
282 } fcgi_exts;
283
284
285 typedef struct {
286 fcgi_exts *exts;
287 fcgi_exts *exts_auth;
288 fcgi_exts *exts_resp;
289
290 array *ext_mapping;
291
292 unsigned int debug;
293 } plugin_config;
294
295 typedef struct {
296 char **ptr;
297
298 size_t size;
299 size_t used;
300 } char_array;
301
302 /* generic plugin data, shared between all connections */
303 typedef struct {
304 PLUGIN_DATA;
305
306 buffer *fcgi_env;
307
308 buffer *statuskey;
309
310 plugin_config **config_storage;
311
312 plugin_config conf; /* this is only used as long as no handler_ctx is setup */
313 } plugin_data;
314
315 /* connection specific data */
316 typedef enum {
317 FCGI_STATE_INIT,
318 FCGI_STATE_CONNECT_DELAYED,
319 FCGI_STATE_PREPARE_WRITE,
320 FCGI_STATE_WRITE,
321 FCGI_STATE_READ
322 } fcgi_connection_state_t;
323
324 typedef struct {
325 fcgi_proc *proc;
326 fcgi_extension_host *host;
327 fcgi_extension *ext;
328 fcgi_extension *ext_auth; /* (might be used in future to allow multiple authorizers)*/
329 unsigned short fcgi_mode; /* FastCGI mode: FCGI_AUTHORIZER or FCGI_RESPONDER */
330
331 fcgi_connection_state_t state;
332 time_t state_timestamp;
333
334 chunkqueue *rb; /* read queue */
335 chunkqueue *wb; /* write queue */
336 off_t wb_reqlen;
337
338 buffer *response_header;
339
340 int fd; /* fd to the fastcgi process */
341 int fde_ndx; /* index into the fd-event buffer */
342
343 pid_t pid;
344 int got_proc;
345 int reconnects; /* number of reconnect attempts */
346
347 int request_id;
348 int send_content_body;
349
350 plugin_config conf;
351
352 connection *remote_conn; /* dumb pointer */
353 plugin_data *plugin_data; /* dumb pointer */
354 } handler_ctx;
355
356
357 /* ok, we need a prototype */
358 static handler_t fcgi_handle_fdevent(server *srv, void *ctx, int revents);
359
360 static void reset_signals(void) {
361 #ifdef SIGTTOU
362 signal(SIGTTOU, SIG_DFL);
363 #endif
364 #ifdef SIGTTIN
365 signal(SIGTTIN, SIG_DFL);
366 #endif
367 #ifdef SIGTSTP
368 signal(SIGTSTP, SIG_DFL);
369 #endif
370 signal(SIGHUP, SIG_DFL);
371 signal(SIGPIPE, SIG_DFL);
372 signal(SIGUSR1, SIG_DFL);
373 }
374
375 static void fastcgi_status_copy_procname(buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
376 buffer_copy_string_len(b, CONST_STR_LEN("fastcgi.backend."));
377 buffer_append_string_buffer(b, host->id);
378 if (proc) {
379 buffer_append_string_len(b, CONST_STR_LEN("."));
380 buffer_append_int(b, proc->id);
381 }
382 }
383
384 static void fcgi_proc_load_inc(server *srv, handler_ctx *hctx) {
385 plugin_data *p = hctx->plugin_data;
386 hctx->proc->load++;
387
388 status_counter_inc(srv, CONST_STR_LEN("fastcgi.active-requests"));
389
390 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
391 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".load"));
392
393 status_counter_set(srv, CONST_BUF_LEN(p->statuskey), hctx->proc->load);
394 }
395
396 static void fcgi_proc_load_dec(server *srv, handler_ctx *hctx) {
397 plugin_data *p = hctx->plugin_data;
398 hctx->proc->load--;
399
400 status_counter_dec(srv, CONST_STR_LEN("fastcgi.active-requests"));
401
402 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
403 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".load"));
404
405 status_counter_set(srv, CONST_BUF_LEN(p->statuskey), hctx->proc->load);
406 }
407
408 static void fcgi_host_assign(server *srv, handler_ctx *hctx, fcgi_extension_host *host) {
409 plugin_data *p = hctx->plugin_data;
410 hctx->host = host;
411 hctx->host->load++;
412
413 fastcgi_status_copy_procname(p->statuskey, hctx->host, NULL);
414 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".load"));
415
416 status_counter_set(srv, CONST_BUF_LEN(p->statuskey), hctx->host->load);
417 }
418
419 static void fcgi_host_reset(server *srv, handler_ctx *hctx) {
420 plugin_data *p = hctx->plugin_data;
421 hctx->host->load--;
422
423 fastcgi_status_copy_procname(p->statuskey, hctx->host, NULL);
424 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".load"));
425
426 status_counter_set(srv, CONST_BUF_LEN(p->statuskey), hctx->host->load);
427
428 hctx->host = NULL;
429 }
430
431 static void fcgi_host_disable(server *srv, handler_ctx *hctx) {
432 if (hctx->host->disable_time || hctx->proc->is_local) {
433 if (hctx->proc->state == PROC_STATE_RUNNING) hctx->host->active_procs--;
434 hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
435 hctx->proc->state = hctx->proc->is_local ? PROC_STATE_DIED_WAIT_FOR_PID : PROC_STATE_DIED;
436
437 if (hctx->conf.debug) {
438 log_error_write(srv, __FILE__, __LINE__, "sds",
439 "backend disabled for", hctx->host->disable_time, "seconds");
440 }
441 }
442 }
443
444 static int fastcgi_status_init(server *srv, buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
445 #define CLEAN(x) \
446 fastcgi_status_copy_procname(b, host, proc); \
447 buffer_append_string_len(b, CONST_STR_LEN(x)); \
448 status_counter_set(srv, CONST_BUF_LEN(b), 0);
449
450 CLEAN(".disabled");
451 CLEAN(".died");
452 CLEAN(".overloaded");
453 CLEAN(".connected");
454 CLEAN(".load");
455
456 #undef CLEAN
457
458 #define CLEAN(x) \
459 fastcgi_status_copy_procname(b, host, NULL); \
460 buffer_append_string_len(b, CONST_STR_LEN(x)); \
461 status_counter_set(srv, CONST_BUF_LEN(b), 0);
462
463 CLEAN(".load");
464
465 #undef CLEAN
466
467 return 0;
468 }
469
470 static handler_ctx * handler_ctx_init(void) {
471 handler_ctx * hctx;
472
473 hctx = calloc(1, sizeof(*hctx));
474 force_assert(hctx);
475
476 hctx->fde_ndx = -1;
477
478 hctx->response_header = buffer_init();
479
480 hctx->request_id = 0;
481 hctx->fcgi_mode = FCGI_RESPONDER;
482 hctx->state = FCGI_STATE_INIT;
483 hctx->proc = NULL;
484
485 hctx->fd = -1;
486
487 hctx->reconnects = 0;
488 hctx->send_content_body = 1;
489
490 hctx->rb = chunkqueue_init();
491 hctx->wb = chunkqueue_init();
492 hctx->wb_reqlen = 0;
493
494 return hctx;
495 }
496
497 static void handler_ctx_free(handler_ctx *hctx) {
498 /* caller MUST have called fcgi_backend_close(srv, hctx) if necessary */
499 buffer_free(hctx->response_header);
500
501 chunkqueue_free(hctx->rb);
502 chunkqueue_free(hctx->wb);
503
504 free(hctx);
505 }
506
507 static void handler_ctx_clear(handler_ctx *hctx) {
508 /* caller MUST have called fcgi_backend_close(srv, hctx) if necessary */
509
510 hctx->proc = NULL;
511 hctx->host = NULL;
512 hctx->ext = NULL;
513 /*hctx->ext_auth is intentionally preserved to flag prior authorizer*/
514
515 hctx->fcgi_mode = FCGI_RESPONDER;
516 hctx->state = FCGI_STATE_INIT;
517 /*hctx->state_timestamp = 0;*//*(unused; left as-is)*/
518
519 chunkqueue_reset(hctx->rb);
520 chunkqueue_reset(hctx->wb);
521 hctx->wb_reqlen = 0;
522
523 buffer_reset(hctx->response_header);
524
525 hctx->fd = -1;
526 hctx->fde_ndx = -1;
527 /*hctx->pid = -1;*//*(unused; left as-is)*/
528 hctx->got_proc = 0;
529 hctx->reconnects = 0;
530 hctx->request_id = 0;
531 hctx->send_content_body = 1;
532
533 /*plugin_config conf;*//*(no need to reset for same request)*/
534
535 /*hctx->remote_conn = NULL;*//*(no need to reset for same request)*/
536 /*hctx->plugin_data = NULL;*//*(no need to reset for same request)*/
537 }
538
539 static fcgi_proc *fastcgi_process_init(void) {
540 fcgi_proc *f;
541
542 f = calloc(1, sizeof(*f));
543 f->unixsocket = buffer_init();
544 f->connection_name = buffer_init();
545
546 f->prev = NULL;
547 f->next = NULL;
548
549 return f;
550 }
551
552 static void fastcgi_process_free(fcgi_proc *f) {
553 if (!f) return;
554
555 fastcgi_process_free(f->next);
556
557 buffer_free(f->unixsocket);
558 buffer_free(f->connection_name);
559
560 free(f);
561 }
562
563 static fcgi_extension_host *fastcgi_host_init(void) {
564 fcgi_extension_host *f;
565
566 f = calloc(1, sizeof(*f));
567
568 f->id = buffer_init();
569 f->host = buffer_init();
570 f->unixsocket = buffer_init();
571 f->docroot = buffer_init();
572 f->bin_path = buffer_init();
573 f->bin_env = array_init();
574 f->bin_env_copy = array_init();
575 f->strip_request_uri = buffer_init();
576 f->xsendfile_docroot = array_init();
577
578 return f;
579 }
580
581 static void fastcgi_host_free(fcgi_extension_host *h) {
582 if (!h) return;
583 if (h->refcount) {
584 --h->refcount;
585 return;
586 }
587
588 buffer_free(h->id);
589 buffer_free(h->host);
590 buffer_free(h->unixsocket);
591 buffer_free(h->docroot);
592 buffer_free(h->bin_path);
593 buffer_free(h->strip_request_uri);
594 array_free(h->bin_env);
595 array_free(h->bin_env_copy);
596 array_free(h->xsendfile_docroot);
597
598 fastcgi_process_free(h->first);
599 fastcgi_process_free(h->unused_procs);
600
601 free(h);
602
603 }
604
605 static fcgi_exts *fastcgi_extensions_init(void) {
606 fcgi_exts *f;
607
608 f = calloc(1, sizeof(*f));
609
610 return f;
611 }
612
613 static void fastcgi_extensions_free(fcgi_exts *f) {
614 size_t i;
615
616 if (!f) return;
617
618 for (i = 0; i < f->used; i++) {
619 fcgi_extension *fe;
620 size_t j;
621
622 fe = f->exts[i];
623
624 for (j = 0; j < fe->used; j++) {
625 fcgi_extension_host *h;
626
627 h = fe->hosts[j];
628
629 fastcgi_host_free(h);
630 }
631
632 buffer_free(fe->key);
633 free(fe->hosts);
634
635 free(fe);
636 }
637
638 free(f->exts);
639
640 free(f);
641 }
642
643 static int fastcgi_extension_insert(fcgi_exts *ext, buffer *key, fcgi_extension_host *fh) {
644 fcgi_extension *fe;
645 size_t i;
646
647 /* there is something */
648
649 for (i = 0; i < ext->used; i++) {
650 if (buffer_is_equal(key, ext->exts[i]->key)) {
651 break;
652 }
653 }
654
655 if (i == ext->used) {
656 /* filextension is new */
657 fe = calloc(1, sizeof(*fe));
658 force_assert(fe);
659 fe->key = buffer_init();
660 fe->last_used_ndx = -1;
661 buffer_copy_buffer(fe->key, key);
662
663 /* */
664
665 if (ext->size == 0) {
666 ext->size = 8;
667 ext->exts = malloc(ext->size * sizeof(*(ext->exts)));
668 force_assert(ext->exts);
669 } else if (ext->used == ext->size) {
670 ext->size += 8;
671 ext->exts = realloc(ext->exts, ext->size * sizeof(*(ext->exts)));
672 force_assert(ext->exts);
673 }
674 ext->exts[ext->used++] = fe;
675 } else {
676 fe = ext->exts[i];
677 }
678
679 if (fe->size == 0) {
680 fe->size = 4;
681 fe->hosts = malloc(fe->size * sizeof(*(fe->hosts)));
682 force_assert(fe->hosts);
683 } else if (fe->size == fe->used) {
684 fe->size += 4;
685 fe->hosts = realloc(fe->hosts, fe->size * sizeof(*(fe->hosts)));
686 force_assert(fe->hosts);
687 }
688
689 fe->hosts[fe->used++] = fh;
690
691 return 0;
692
693 }
694
695 INIT_FUNC(mod_fastcgi_init) {
696 plugin_data *p;
697
698 p = calloc(1, sizeof(*p));
699
700 p->fcgi_env = buffer_init();
701
702 p->statuskey = buffer_init();
703
704 return p;
705 }
706
707
708 FREE_FUNC(mod_fastcgi_free) {
709 plugin_data *p = p_d;
710
711 UNUSED(srv);
712
713 buffer_free(p->fcgi_env);
714 buffer_free(p->statuskey);
715
716 if (p->config_storage) {
717 size_t i, j, n;
718 for (i = 0; i < srv->config_context->used; i++) {
719 plugin_config *s = p->config_storage[i];
720 fcgi_exts *exts;
721
722 if (NULL == s) continue;
723
724 exts = s->exts;
725
726 if (exts) {
727 for (j = 0; j < exts->used; j++) {
728 fcgi_extension *ex;
729
730 ex = exts->exts[j];
731
732 for (n = 0; n < ex->used; n++) {
733 fcgi_proc *proc;
734 fcgi_extension_host *host;
735
736 host = ex->hosts[n];
737
738 for (proc = host->first; proc; proc = proc->next) {
739 if (proc->pid != 0) {
740 kill(proc->pid, host->kill_signal);
741 }
742
743 if (proc->is_local &&
744 !buffer_string_is_empty(proc->unixsocket)) {
745 unlink(proc->unixsocket->ptr);
746 }
747 }
748
749 for (proc = host->unused_procs; proc; proc = proc->next) {
750 if (proc->pid != 0) {
751 kill(proc->pid, host->kill_signal);
752 }
753 if (proc->is_local &&
754 !buffer_string_is_empty(proc->unixsocket)) {
755 unlink(proc->unixsocket->ptr);
756 }
757 }
758 }
759 }
760
761 fastcgi_extensions_free(s->exts);
762 fastcgi_extensions_free(s->exts_auth);
763 fastcgi_extensions_free(s->exts_resp);
764 }
765 array_free(s->ext_mapping);
766
767 free(s);
768 }
769 free(p->config_storage);
770 }
771
772 free(p);
773
774 return HANDLER_GO_ON;
775 }
776
777 static int env_add(char_array *env, const char *key, size_t key_len, const char *val, size_t val_len) {
778 char *dst;
779 size_t i;
780
781 if (!key || !val) return -1;
782
783 dst = malloc(key_len + val_len + 3);
784 memcpy(dst, key, key_len);
785 dst[key_len] = '=';
786 memcpy(dst + key_len + 1, val, val_len);
787 dst[key_len + 1 + val_len] = '\0';
788
789 for (i = 0; i < env->used; i++) {
790 if (0 == strncmp(dst, env->ptr[i], key_len + 1)) {
791 /* don't care about free as we are in a forked child which is going to exec(...) */
792 /* free(env->ptr[i]); */
793 env->ptr[i] = dst;
794 return 0;
795 }
796 }
797
798 if (env->size == 0) {
799 env->size = 16;
800 env->ptr = malloc(env->size * sizeof(*env->ptr));
801 } else if (env->size == env->used + 1) {
802 env->size += 16;
803 env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
804 }
805
806 env->ptr[env->used++] = dst;
807
808 return 0;
809 }
810
811 static int parse_binpath(char_array *env, buffer *b) {
812 char *start;
813 size_t i;
814 /* search for spaces */
815
816 start = b->ptr;
817 for (i = 0; i < buffer_string_length(b); i++) {
818 switch(b->ptr[i]) {
819 case ' ':
820 case '\t':
821 /* a WS, stop here and copy the argument */
822
823 if (env->size == 0) {
824 env->size = 16;
825 env->ptr = malloc(env->size * sizeof(*env->ptr));
826 } else if (env->size == env->used) {
827 env->size += 16;
828 env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
829 }
830
831 b->ptr[i] = '\0';
832
833 env->ptr[env->used++] = start;
834
835 start = b->ptr + i + 1;
836 break;
837 default:
838 break;
839 }
840 }
841
842 if (env->size == 0) {
843 env->size = 16;
844 env->ptr = malloc(env->size * sizeof(*env->ptr));
845 } else if (env->size == env->used) { /* we need one extra for the terminating NULL */
846 env->size += 16;
847 env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
848 }
849
850 /* the rest */
851 env->ptr[env->used++] = start;
852
853 if (env->size == 0) {
854 env->size = 16;
855 env->ptr = malloc(env->size * sizeof(*env->ptr));
856 } else if (env->size == env->used) { /* we need one extra for the terminating NULL */
857 env->size += 16;
858 env->ptr = realloc(env->ptr, env->size * sizeof(*env->ptr));
859 }
860
861 /* terminate */
862 env->ptr[env->used++] = NULL;
863
864 return 0;
865 }
866
867 #if !defined(HAVE_FORK)
868 static int fcgi_spawn_connection(server *srv,
869 plugin_data *p,
870 fcgi_extension_host *host,
871 fcgi_proc *proc) {
872 UNUSED(srv);
873 UNUSED(p);
874 UNUSED(host);
875 UNUSED(proc);
876 return -1;
877 }
878
879 #else /* -> defined(HAVE_FORK) */
880
881 static int fcgi_spawn_connection(server *srv,
882 plugin_data *p,
883 fcgi_extension_host *host,
884 fcgi_proc *proc) {
885 int fcgi_fd;
886 int status;
887 struct timeval tv = { 0, 100 * 1000 };
888 #ifdef HAVE_SYS_UN_H
889 struct sockaddr_un fcgi_addr_un;
890 #endif
891 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
892 struct sockaddr_in6 fcgi_addr_in6;
893 #endif
894 struct sockaddr_in fcgi_addr_in;
895 struct sockaddr *fcgi_addr;
896
897 socklen_t servlen;
898
899 if (p->conf.debug) {
900 log_error_write(srv, __FILE__, __LINE__, "sdb",
901 "new proc, socket:", proc->port, proc->unixsocket);
902 }
903
904 if (!buffer_string_is_empty(proc->unixsocket)) {
905 #ifdef HAVE_SYS_UN_H
906 memset(&fcgi_addr_un, 0, sizeof(fcgi_addr_un));
907 fcgi_addr_un.sun_family = AF_UNIX;
908 if (buffer_string_length(proc->unixsocket) + 1 > sizeof(fcgi_addr_un.sun_path)) {
909 log_error_write(srv, __FILE__, __LINE__, "sB",
910 "ERROR: Unix Domain socket filename too long:",
911 proc->unixsocket);
912 return -1;
913 }
914 memcpy(fcgi_addr_un.sun_path, proc->unixsocket->ptr, buffer_string_length(proc->unixsocket) + 1);
915
916 #ifdef SUN_LEN
917 servlen = SUN_LEN(&fcgi_addr_un);
918 #else
919 /* stevens says: */
920 servlen = buffer_string_length(proc->unixsocket) + 1 + sizeof(fcgi_addr_un.sun_family);
921 #endif
922 fcgi_addr = (struct sockaddr *) &fcgi_addr_un;
923
924 buffer_copy_string_len(proc->connection_name, CONST_STR_LEN("unix:"));
925 buffer_append_string_buffer(proc->connection_name, proc->unixsocket);
926
927 #else
928 log_error_write(srv, __FILE__, __LINE__, "s",
929 "ERROR: Unix Domain sockets are not supported.");
930 return -1;
931 #endif
932 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
933 } else if (host->family == AF_INET6 && !buffer_string_is_empty(host->host)) {
934 memset(&fcgi_addr_in6, 0, sizeof(fcgi_addr_in6));
935 fcgi_addr_in6.sin6_family = AF_INET6;
936 inet_pton(AF_INET6, host->host->ptr, (char *) &fcgi_addr_in6.sin6_addr);
937 fcgi_addr_in6.sin6_port = htons(proc->port);
938 servlen = sizeof(fcgi_addr_in6);
939 fcgi_addr = (struct sockaddr *) &fcgi_addr_in6;
940 #endif
941 } else {
942 memset(&fcgi_addr_in, 0, sizeof(fcgi_addr_in));
943 fcgi_addr_in.sin_family = AF_INET;
944
945 if (buffer_string_is_empty(host->host)) {
946 fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
947 } else {
948 struct hostent *he;
949
950 /* set a useful default */
951 fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
952
953
954 if (NULL == (he = gethostbyname(host->host->ptr))) {
955 log_error_write(srv, __FILE__, __LINE__,
956 "sdb", "gethostbyname failed: ",
957 h_errno, host->host);
958 return -1;
959 }
960
961 if (he->h_addrtype != AF_INET) {
962 log_error_write(srv, __FILE__, __LINE__, "sd", "addr-type != AF_INET: ", he->h_addrtype);
963 return -1;
964 }
965
966 if (he->h_length != sizeof(struct in_addr)) {
967 log_error_write(srv, __FILE__, __LINE__, "sd", "addr-length != sizeof(in_addr): ", he->h_length);
968 return -1;
969 }
970
971 memcpy(&(fcgi_addr_in.sin_addr.s_addr), he->h_addr_list[0], he->h_length);
972
973 }
974 fcgi_addr_in.sin_port = htons(proc->port);
975 servlen = sizeof(fcgi_addr_in);
976
977 fcgi_addr = (struct sockaddr *) &fcgi_addr_in;
978 }
979
980 if (buffer_string_is_empty(proc->unixsocket)) {
981 buffer_copy_string_len(proc->connection_name, CONST_STR_LEN("tcp:"));
982 if (!buffer_string_is_empty(host->host)) {
983 buffer_append_string_buffer(proc->connection_name, host->host);
984 } else {
985 buffer_append_string_len(proc->connection_name, CONST_STR_LEN("localhost"));
986 }
987 buffer_append_string_len(proc->connection_name, CONST_STR_LEN(":"));
988 buffer_append_int(proc->connection_name, proc->port);
989 }
990
991 if (-1 == (fcgi_fd = fdevent_socket_cloexec(fcgi_addr->sa_family, SOCK_STREAM, 0))) {
992 log_error_write(srv, __FILE__, __LINE__, "ss",
993 "failed:", strerror(errno));
994 return -1;
995 }
996
997 if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
998 /* server is not up, spawn it */
999 pid_t child;
1000 int val;
1001
1002 if (errno != ENOENT &&
1003 !buffer_string_is_empty(proc->unixsocket)) {
1004 unlink(proc->unixsocket->ptr);
1005 }
1006
1007 close(fcgi_fd);
1008
1009 /* reopen socket */
1010 if (-1 == (fcgi_fd = fdevent_socket_cloexec(fcgi_addr->sa_family, SOCK_STREAM, 0))) {
1011 log_error_write(srv, __FILE__, __LINE__, "ss",
1012 "socket failed:", strerror(errno));
1013 return -1;
1014 }
1015
1016 val = 1;
1017 if (setsockopt(fcgi_fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
1018 log_error_write(srv, __FILE__, __LINE__, "ss",
1019 "socketsockopt failed:", strerror(errno));
1020 close(fcgi_fd);
1021 return -1;
1022 }
1023
1024 /* create socket */
1025 if (-1 == bind(fcgi_fd, fcgi_addr, servlen)) {
1026 log_error_write(srv, __FILE__, __LINE__, "sbs",
1027 "bind failed for:",
1028 proc->connection_name,
1029 strerror(errno));
1030 close(fcgi_fd);
1031 return -1;
1032 }
1033
1034 if (-1 == listen(fcgi_fd, host->listen_backlog)) {
1035 log_error_write(srv, __FILE__, __LINE__, "ss",
1036 "listen failed:", strerror(errno));
1037 close(fcgi_fd);
1038 return -1;
1039 }
1040
1041 switch ((child = fork())) {
1042 case 0: {
1043 size_t i = 0;
1044 char *c;
1045 char_array env;
1046 char_array arg;
1047
1048 /* create environment */
1049 env.ptr = NULL;
1050 env.size = 0;
1051 env.used = 0;
1052
1053 arg.ptr = NULL;
1054 arg.size = 0;
1055 arg.used = 0;
1056
1057 if(fcgi_fd != FCGI_LISTENSOCK_FILENO) {
1058 dup2(fcgi_fd, FCGI_LISTENSOCK_FILENO);
1059 close(fcgi_fd);
1060 }
1061 #ifdef SOCK_CLOEXEC
1062 else
1063 (void)fcntl(fcgi_fd, F_SETFD, 0); /* clear cloexec */
1064 #endif
1065
1066 /* we don't need the client socket */
1067 for (i = 3; i < 256; i++) {
1068 close(i);
1069 }
1070
1071 /* build clean environment */
1072 if (host->bin_env_copy->used) {
1073 for (i = 0; i < host->bin_env_copy->used; i++) {
1074 data_string *ds = (data_string *)host->bin_env_copy->data[i];
1075 char *ge;
1076
1077 if (NULL != (ge = getenv(ds->value->ptr))) {
1078 env_add(&env, CONST_BUF_LEN(ds->value), ge, strlen(ge));
1079 }
1080 }
1081 } else {
1082 char ** const e = environ;
1083 for (i = 0; e[i]; ++i) {
1084 char *eq;
1085
1086 if (NULL != (eq = strchr(e[i], '='))) {
1087 env_add(&env, e[i], eq - e[i], eq+1, strlen(eq+1));
1088 }
1089 }
1090 }
1091
1092 /* create environment */
1093 for (i = 0; i < host->bin_env->used; i++) {
1094 data_string *ds = (data_string *)host->bin_env->data[i];
1095
1096 env_add(&env, CONST_BUF_LEN(ds->key), CONST_BUF_LEN(ds->value));
1097 }
1098
1099 for (i = 0; i < env.used; i++) {
1100 /* search for PHP_FCGI_CHILDREN */
1101 if (0 == strncmp(env.ptr[i], "PHP_FCGI_CHILDREN=", sizeof("PHP_FCGI_CHILDREN=") - 1)) break;
1102 }
1103
1104 /* not found, add a default */
1105 if (i == env.used) {
1106 env_add(&env, CONST_STR_LEN("PHP_FCGI_CHILDREN"), CONST_STR_LEN("1"));
1107 }
1108
1109 env.ptr[env.used] = NULL;
1110
1111 parse_binpath(&arg, host->bin_path);
1112
1113 /* chdir into the base of the bin-path,
1114 * search for the last / */
1115 if (NULL != (c = strrchr(arg.ptr[0], '/'))) {
1116 *c = '\0';
1117
1118 /* change to the physical directory */
1119 if (-1 == chdir(arg.ptr[0])) {
1120 *c = '/';
1121 log_error_write(srv, __FILE__, __LINE__, "sss", "chdir failed:", strerror(errno), arg.ptr[0]);
1122 }
1123 *c = '/';
1124 }
1125
1126 reset_signals();
1127
1128 /* exec the cgi */
1129 execve(arg.ptr[0], arg.ptr, env.ptr);
1130
1131 /* log_error_write(srv, __FILE__, __LINE__, "sbs",
1132 "execve failed for:", host->bin_path, strerror(errno)); */
1133
1134 _exit(errno);
1135
1136 break;
1137 }
1138 case -1:
1139 /* error */
1140 close(fcgi_fd);
1141 break;
1142 default:
1143 /* father */
1144 close(fcgi_fd);
1145
1146 /* wait */
1147 select(0, NULL, NULL, NULL, &tv);
1148
1149 switch (waitpid(child, &status, WNOHANG)) {
1150 case 0:
1151 /* child still running after timeout, good */
1152 break;
1153 case -1:
1154 /* no PID found ? should never happen */
1155 log_error_write(srv, __FILE__, __LINE__, "ss",
1156 "pid not found:", strerror(errno));
1157 return -1;
1158 default:
1159 log_error_write(srv, __FILE__, __LINE__, "sbs",
1160 "the fastcgi-backend", host->bin_path, "failed to start:");
1161 /* the child should not terminate at all */
1162 if (WIFEXITED(status)) {
1163 log_error_write(srv, __FILE__, __LINE__, "sdb",
1164 "child exited with status",
1165 WEXITSTATUS(status), host->bin_path);
1166 log_error_write(srv, __FILE__, __LINE__, "s",
1167 "If you're trying to run your app as a FastCGI backend, make sure you're using the FastCGI-enabled version.\n"
1168 "If this is PHP on Gentoo, add 'fastcgi' to the USE flags.");
1169 } else if (WIFSIGNALED(status)) {
1170 log_error_write(srv, __FILE__, __LINE__, "sd",
1171 "terminated by signal:",
1172 WTERMSIG(status));
1173
1174 if (WTERMSIG(status) == 11) {
1175 log_error_write(srv, __FILE__, __LINE__, "s",
1176 "to be exact: it segfaulted, crashed, died, ... you get the idea." );
1177 log_error_write(srv, __FILE__, __LINE__, "s",
1178 "If this is PHP, try removing the bytecode caches for now and try again.");
1179 }
1180 } else {
1181 log_error_write(srv, __FILE__, __LINE__, "sd",
1182 "child died somehow:",
1183 status);
1184 }
1185 return -1;
1186 }
1187
1188 /* register process */
1189 proc->pid = child;
1190 proc->is_local = 1;
1191
1192 break;
1193 }
1194 } else {
1195 close(fcgi_fd);
1196 proc->is_local = 0;
1197 proc->pid = 0;
1198
1199 if (p->conf.debug) {
1200 log_error_write(srv, __FILE__, __LINE__, "sb",
1201 "(debug) socket is already used; won't spawn:",
1202 proc->connection_name);
1203 }
1204 }
1205
1206 proc->state = PROC_STATE_RUNNING;
1207 host->active_procs++;
1208
1209 return 0;
1210 }
1211
1212 #endif /* HAVE_FORK */
1213
1214 static fcgi_extension_host * unixsocket_is_dup(plugin_data *p, size_t used, buffer *unixsocket) {
1215 size_t i, j, n;
1216 for (i = 0; i < used; ++i) {
1217 fcgi_exts *exts = p->config_storage[i]->exts;
1218 if (NULL == exts) continue;
1219 for (j = 0; j < exts->used; ++j) {
1220 fcgi_extension *ex = exts->exts[j];
1221 for (n = 0; n < ex->used; ++n) {
1222 fcgi_extension_host *host = ex->hosts[n];
1223 if (!buffer_string_is_empty(host->unixsocket)
1224 && buffer_is_equal(host->unixsocket, unixsocket)
1225 && !buffer_string_is_empty(host->bin_path))
1226 return host;
1227 }
1228 }
1229 }
1230
1231 return NULL;
1232 }
1233
1234 SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
1235 plugin_data *p = p_d;
1236 data_unset *du;
1237 size_t i = 0;
1238 buffer *fcgi_mode = buffer_init();
1239 fcgi_extension_host *host = NULL;
1240
1241 config_values_t cv[] = {
1242 { "fastcgi.server", NULL, T_CONFIG_LOCAL, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
1243 { "fastcgi.debug", NULL, T_CONFIG_INT , T_CONFIG_SCOPE_CONNECTION }, /* 1 */
1244 { "fastcgi.map-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
1245 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
1246 };
1247
1248 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
1249
1250 for (i = 0; i < srv->config_context->used; i++) {
1251 data_config const* config = (data_config const*)srv->config_context->data[i];
1252 plugin_config *s;
1253
1254 s = malloc(sizeof(plugin_config));
1255 s->exts = NULL;
1256 s->exts_auth = NULL;
1257 s->exts_resp = NULL;
1258 s->debug = 0;
1259 s->ext_mapping = array_init();
1260
1261 cv[0].destination = s->exts; /* not used; T_CONFIG_LOCAL */
1262 cv[1].destination = &(s->debug);
1263 cv[2].destination = s->ext_mapping;
1264
1265 p->config_storage[i] = s;
1266
1267 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
1268 goto error;
1269 }
1270
1271 /*
1272 * <key> = ( ... )
1273 */
1274
1275 if (NULL != (du = array_get_element(config->value, "fastcgi.server"))) {
1276 size_t j;
1277 data_array *da = (data_array *)du;
1278
1279 if (du->type != TYPE_ARRAY) {
1280 log_error_write(srv, __FILE__, __LINE__, "sss",
1281 "unexpected type for key: ", "fastcgi.server", "expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
1282
1283 goto error;
1284 }
1285
1286 s->exts = fastcgi_extensions_init();
1287 s->exts_auth = fastcgi_extensions_init();
1288 s->exts_resp = fastcgi_extensions_init();
1289
1290 /*
1291 * fastcgi.server = ( "<ext>" => ( ... ),
1292 * "<ext>" => ( ... ) )
1293 */
1294
1295 for (j = 0; j < da->value->used; j++) {
1296 size_t n;
1297 data_array *da_ext = (data_array *)da->value->data[j];
1298
1299 if (da->value->data[j]->type != TYPE_ARRAY) {
1300 log_error_write(srv, __FILE__, __LINE__, "sssbs",
1301 "unexpected type for key: ", "fastcgi.server",
1302 "[", da->value->data[j]->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
1303
1304 goto error;
1305 }
1306
1307 /*
1308 * da_ext->key == name of the extension
1309 */
1310
1311 /*
1312 * fastcgi.server = ( "<ext>" =>
1313 * ( "<host>" => ( ... ),
1314 * "<host>" => ( ... )
1315 * ),
1316 * "<ext>" => ... )
1317 */
1318
1319 for (n = 0; n < da_ext->value->used; n++) {
1320 data_array *da_host = (data_array *)da_ext->value->data[n];
1321
1322 config_values_t fcv[] = {
1323 { "host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
1324 { "docroot", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
1325 { "mode", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
1326 { "socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
1327 { "bin-path", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 4 */
1328
1329 { "check-local", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 5 */
1330 { "port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 6 */
1331 { "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 */
1332 { "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
1333
1334 { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
1335 { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
1336
1337 { "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
1338 { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
1339 { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
1340 { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
1341 { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
1342 { "listen-backlog", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
1343 { "x-sendfile", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
1344 { "x-sendfile-docroot",NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
1345
1346 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
1347 };
1348 unsigned short host_mode = FCGI_RESPONDER;
1349
1350 if (da_host->type != TYPE_ARRAY) {
1351 log_error_write(srv, __FILE__, __LINE__, "ssSBS",
1352 "unexpected type for key:",
1353 "fastcgi.server",
1354 "[", da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
1355
1356 goto error;
1357 }
1358
1359 host = fastcgi_host_init();
1360 buffer_reset(fcgi_mode);
1361
1362 buffer_copy_buffer(host->id, da_host->key);
1363
1364 host->check_local = 1;
1365 host->max_procs = 4;
1366 host->disable_time = 1;
1367 host->break_scriptfilename_for_php = 0;
1368 host->xsendfile_allow = 0;
1369 host->kill_signal = SIGTERM;
1370 host->fix_root_path_name = 0;
1371 host->listen_backlog = 1024;
1372 host->refcount = 0;
1373
1374 fcv[0].destination = host->host;
1375 fcv[1].destination = host->docroot;
1376 fcv[2].destination = fcgi_mode;
1377 fcv[3].destination = host->unixsocket;
1378 fcv[4].destination = host->bin_path;
1379
1380 fcv[5].destination = &(host->check_local);
1381 fcv[6].destination = &(host->port);
1382 fcv[7].destination = &(host->max_procs);
1383 fcv[8].destination = &(host->disable_time);
1384
1385 fcv[9].destination = host->bin_env;
1386 fcv[10].destination = host->bin_env_copy;
1387 fcv[11].destination = &(host->break_scriptfilename_for_php);
1388 fcv[12].destination = &(host->xsendfile_allow);
1389 fcv[13].destination = host->strip_request_uri;
1390 fcv[14].destination = &(host->kill_signal);
1391 fcv[15].destination = &(host->fix_root_path_name);
1392 fcv[16].destination = &(host->listen_backlog);
1393 fcv[17].destination = &(host->xsendfile_allow);
1394 fcv[18].destination = host->xsendfile_docroot;
1395
1396 if (0 != config_insert_values_internal(srv, da_host->value, fcv, T_CONFIG_SCOPE_CONNECTION)) {
1397 goto error;
1398 }
1399
1400 if ((!buffer_string_is_empty(host->host) || host->port) &&
1401 !buffer_string_is_empty(host->unixsocket)) {
1402 log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
1403 "either host/port or socket have to be set in:",
1404 da->key, "= (",
1405 da_ext->key, " => (",
1406 da_host->key, " ( ...");
1407
1408 goto error;
1409 }
1410
1411 if (!buffer_string_is_empty(host->unixsocket)) {
1412 /* unix domain socket */
1413 struct sockaddr_un un;
1414
1415 if (buffer_string_length(host->unixsocket) + 1 > sizeof(un.sun_path) - 2) {
1416 log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
1417 "unixsocket is too long in:",
1418 da->key, "= (",
1419 da_ext->key, " => (",
1420 da_host->key, " ( ...");
1421
1422 goto error;
1423 }
1424
1425 if (!buffer_string_is_empty(host->bin_path)) {
1426 fcgi_extension_host *duplicate = unixsocket_is_dup(p, i+1, host->unixsocket);
1427 if (NULL != duplicate) {
1428 if (!buffer_is_equal(host->bin_path, duplicate->bin_path)) {
1429 log_error_write(srv, __FILE__, __LINE__, "sb",
1430 "duplicate unixsocket path:",
1431 host->unixsocket);
1432 goto error;
1433 }
1434 fastcgi_host_free(host);
1435 host = duplicate;
1436 ++host->refcount;
1437 }
1438 }
1439
1440 host->family = AF_UNIX;
1441 } else {
1442 /* tcp/ip */
1443
1444 if (buffer_string_is_empty(host->host) &&
1445 buffer_string_is_empty(host->bin_path)) {
1446 log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
1447 "host or binpath have to be set in:",
1448 da->key, "= (",
1449 da_ext->key, " => (",
1450 da_host->key, " ( ...");
1451
1452 goto error;
1453 } else if (host->port == 0) {
1454 log_error_write(srv, __FILE__, __LINE__, "sbsbsbs",
1455 "port has to be set in:",
1456 da->key, "= (",
1457 da_ext->key, " => (",
1458 da_host->key, " ( ...");
1459
1460 goto error;
1461 }
1462
1463 host->family = (!buffer_string_is_empty(host->host) && NULL != strchr(host->host->ptr, ':')) ? AF_INET6 : AF_INET;
1464 }
1465
1466 if (host->refcount) {
1467 /* already init'd; skip spawning */
1468 } else if (!buffer_string_is_empty(host->bin_path)) {
1469 /* a local socket + self spawning */
1470 size_t pno;
1471
1472 if (s->debug) {
1473 log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsd",
1474 "--- fastcgi spawning local",
1475 "\n\tproc:", host->bin_path,
1476 "\n\tport:", host->port,
1477 "\n\tsocket", host->unixsocket,
1478 "\n\tmax-procs:", host->max_procs);
1479 }
1480
1481 for (pno = 0; pno < host->max_procs; pno++) {
1482 fcgi_proc *proc;
1483
1484 proc = fastcgi_process_init();
1485 proc->id = host->num_procs++;
1486 host->max_id++;
1487
1488 if (buffer_string_is_empty(host->unixsocket)) {
1489 proc->port = host->port + pno;
1490 } else {
1491 buffer_copy_buffer(proc->unixsocket, host->unixsocket);
1492 buffer_append_string_len(proc->unixsocket, CONST_STR_LEN("-"));
1493 buffer_append_int(proc->unixsocket, pno);
1494 }
1495
1496 if (s->debug) {
1497 log_error_write(srv, __FILE__, __LINE__, "ssdsbsdsd",
1498 "--- fastcgi spawning",
1499 "\n\tport:", host->port,
1500 "\n\tsocket", host->unixsocket,
1501 "\n\tcurrent:", pno, "/", host->max_procs);
1502 }
1503
1504 if (!srv->srvconf.preflight_check
1505 && fcgi_spawn_connection(srv, p, host, proc)) {
1506 log_error_write(srv, __FILE__, __LINE__, "s",
1507 "[ERROR]: spawning fcgi failed.");
1508 fastcgi_process_free(proc);
1509 goto error;
1510 }
1511
1512 fastcgi_status_init(srv, p->statuskey, host, proc);
1513
1514 proc->next = host->first;
1515 if (host->first) host->first->prev = proc;
1516
1517 host->first = proc;
1518 }
1519 } else {
1520 fcgi_proc *proc;
1521
1522 proc = fastcgi_process_init();
1523 proc->id = host->num_procs++;
1524 host->max_id++;
1525 host->active_procs++;
1526 proc->state = PROC_STATE_RUNNING;
1527
1528 if (buffer_string_is_empty(host->unixsocket)) {
1529 proc->port = host->port;
1530 } else {
1531 buffer_copy_buffer(proc->unixsocket, host->unixsocket);
1532 }
1533
1534 fastcgi_status_init(srv, p->statuskey, host, proc);
1535
1536 host->first = proc;
1537
1538 host->max_procs = 1;
1539 }
1540
1541 if (!buffer_string_is_empty(fcgi_mode)) {
1542 if (strcmp(fcgi_mode->ptr, "responder") == 0) {
1543 host_mode = FCGI_RESPONDER;
1544 } else if (strcmp(fcgi_mode->ptr, "authorizer") == 0) {
1545 host_mode = FCGI_AUTHORIZER;
1546 } else {
1547 log_error_write(srv, __FILE__, __LINE__, "sbs",
1548 "WARNING: unknown fastcgi mode:",
1549 fcgi_mode, "(ignored, mode set to responder)");
1550 }
1551 }
1552
1553 if (host->xsendfile_docroot->used) {
1554 size_t k;
1555 for (k = 0; k < host->xsendfile_docroot->used; ++k) {
1556 data_string *ds = (data_string *)host->xsendfile_docroot->data[k];
1557 if (ds->type != TYPE_STRING) {
1558 log_error_write(srv, __FILE__, __LINE__, "s",
1559 "unexpected type for x-sendfile-docroot; expected: \"x-sendfile-docroot\" => ( \"/allowed/path\", ... )");
1560 goto error;
1561 }
1562 if (ds->value->ptr[0] != '/') {
1563 log_error_write(srv, __FILE__, __LINE__, "SBs",
1564 "x-sendfile-docroot paths must begin with '/'; invalid: \"", ds->value, "\"");
1565 goto error;
1566 }
1567 buffer_path_simplify(ds->value, ds->value);
1568 buffer_append_slash(ds->value);
1569 }
1570 }
1571
1572 /* s->exts is list of exts -> hosts
1573 * s->exts now used as combined list of authorizer and responder hosts (for backend maintenance)
1574 * s->exts_auth is list of exts -> authorizer hosts
1575 * s->exts_resp is list of exts -> responder hosts
1576 * For each path/extension, there may be an independent FCGI_AUTHORIZER and FCGI_RESPONDER
1577 * (The FCGI_AUTHORIZER and FCGI_RESPONDER could be handled by the same host,
1578 * and an admin might want to do that for large uploads, since FCGI_AUTHORIZER
1579 * runs prior to receiving (potentially large) request body from client and can
1580 * authorizer or deny request prior to receiving the full upload)
1581 */
1582 fastcgi_extension_insert(s->exts, da_ext->key, host);
1583
1584 if (host_mode == FCGI_AUTHORIZER) {
1585 ++host->refcount;
1586 fastcgi_extension_insert(s->exts_auth, da_ext->key, host);
1587 } else if (host_mode == FCGI_RESPONDER) {
1588 ++host->refcount;
1589 fastcgi_extension_insert(s->exts_resp, da_ext->key, host);
1590 } /*(else should have been rejected above)*/
1591
1592 host = NULL;
1593 }
1594 }
1595 }
1596 }
1597
1598 buffer_free(fcgi_mode);
1599 return HANDLER_GO_ON;
1600
1601 error:
1602 if (NULL != host) fastcgi_host_free(host);
1603 buffer_free(fcgi_mode);
1604 return HANDLER_ERROR;
1605 }
1606
1607 static int fcgi_set_state(server *srv, handler_ctx *hctx, fcgi_connection_state_t state) {
1608 hctx->state = state;
1609 hctx->state_timestamp = srv->cur_ts;
1610
1611 return 0;
1612 }
1613
1614
1615 static void fcgi_backend_close(server *srv, handler_ctx *hctx) {
1616 if (hctx->fd != -1) {
1617 fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
1618 fdevent_unregister(srv->ev, hctx->fd);
1619 fdevent_sched_close(srv->ev, hctx->fd, 1);
1620 hctx->fd = -1;
1621 hctx->fde_ndx = -1;
1622 }
1623
1624 if (hctx->host) {
1625 if (hctx->proc && hctx->got_proc) {
1626 /* after the connect the process gets a load */
1627 fcgi_proc_load_dec(srv, hctx);
1628
1629 if (hctx->conf.debug) {
1630 log_error_write(srv, __FILE__, __LINE__, "ssdsbsd",
1631 "released proc:",
1632 "pid:", hctx->proc->pid,
1633 "socket:", hctx->proc->connection_name,
1634 "load:", hctx->proc->load);
1635 }
1636 }
1637
1638 fcgi_host_reset(srv, hctx);
1639 }
1640 }
1641
1642 static fcgi_extension_host * fcgi_extension_host_get(server *srv, connection *con, plugin_data *p, fcgi_extension *extension) {
1643 fcgi_extension_host *host;
1644 int ndx = extension->last_used_ndx + 1;
1645 if (ndx >= (int) extension->used || ndx < 0) ndx = 0;
1646 UNUSED(p);
1647
1648 /* check if the next server has no load */
1649 host = extension->hosts[ndx];
1650 if (host->load > 0 || host->active_procs == 0) {
1651 /* get backend with the least load */
1652 size_t k;
1653 int used = -1;
1654 for (k = 0, ndx = -1; k < extension->used; k++) {
1655 host = extension->hosts[k];
1656
1657 /* we should have at least one proc that can do something */
1658 if (host->active_procs == 0) continue;
1659
1660 if (used == -1 || host->load < used) {
1661 used = host->load;
1662 ndx = k;
1663 }
1664 }
1665 }
1666
1667 if (ndx == -1) {
1668 /* all hosts are down */
1669 /* sorry, we don't have a server alive for this ext */
1670 con->http_status = 503; /* Service Unavailable */
1671 con->mode = DIRECT;
1672
1673 /* only send the 'no handler' once */
1674 if (!extension->note_is_sent) {
1675 extension->note_is_sent = 1;
1676
1677 log_error_write(srv, __FILE__, __LINE__, "sBSbsbs",
1678 "all handlers for", con->uri.path, "?", con->uri.query,
1679 "on", extension->key,
1680 "are down.");
1681 }
1682
1683 return NULL;
1684 }
1685
1686 /* found a server */
1687 extension->last_used_ndx = ndx;
1688 return extension->hosts[ndx];
1689 }
1690
1691 static void fcgi_connection_close(server *srv, handler_ctx *hctx) {
1692 plugin_data *p;
1693 connection *con;
1694
1695 p = hctx->plugin_data;
1696 con = hctx->remote_conn;
1697
1698 fcgi_backend_close(srv, hctx);
1699 handler_ctx_free(hctx);
1700 con->plugin_ctx[p->id] = NULL;
1701
1702 /* finish response (if not already con->file_started, con->file_finished) */
1703 if (con->mode == p->id) {
1704 http_response_backend_done(srv, con);
1705 }
1706 }
1707
1708 static handler_t fcgi_reconnect(server *srv, handler_ctx *hctx) {
1709 fcgi_backend_close(srv, hctx);
1710
1711 hctx->host = fcgi_extension_host_get(srv, hctx->remote_conn, hctx->plugin_data, hctx->ext);
1712 if (NULL == hctx->host) return HANDLER_FINISHED;
1713
1714 fcgi_host_assign(srv, hctx, hctx->host);
1715 hctx->request_id = 0;
1716 fcgi_set_state(srv, hctx, FCGI_STATE_INIT);
1717 return HANDLER_COMEBACK;
1718 }
1719
1720
1721 static handler_t fcgi_connection_reset(server *srv, connection *con, void *p_d) {
1722 plugin_data *p = p_d;
1723 handler_ctx *hctx = con->plugin_ctx[p->id];
1724 if (hctx) fcgi_connection_close(srv, hctx);
1725
1726 return HANDLER_GO_ON;
1727 }
1728
1729
1730 static int fcgi_env_add(void *venv, const char *key, size_t key_len, const char *val, size_t val_len) {
1731 buffer *env = venv;
1732 size_t len;
1733 char len_enc[8];
1734 size_t len_enc_len = 0;
1735
1736 if (!key || !val) return -1;
1737
1738 len = key_len + val_len;
1739
1740 len += key_len > 127 ? 4 : 1;
1741 len += val_len > 127 ? 4 : 1;
1742
1743 if (buffer_string_length(env) + len >= FCGI_MAX_LENGTH) {
1744 /**
1745 * we can't append more headers, ignore it
1746 */
1747 return -1;
1748 }
1749
1750 /**
1751 * field length can be 31bit max
1752 *
1753 * HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit
1754 */
1755 force_assert(key_len < 0x7fffffffu);
1756 force_assert(val_len < 0x7fffffffu);
1757
1758 buffer_string_prepare_append(env, len);
1759
1760 if (key_len > 127) {
1761 len_enc[len_enc_len++] = ((key_len >> 24) & 0xff) | 0x80;
1762 len_enc[len_enc_len++] = (key_len >> 16) & 0xff;
1763 len_enc[len_enc_len++] = (key_len >> 8) & 0xff;
1764 len_enc[len_enc_len++] = (key_len >> 0) & 0xff;
1765 } else {
1766 len_enc[len_enc_len++] = (key_len >> 0) & 0xff;
1767 }
1768
1769 if (val_len > 127) {
1770 len_enc[len_enc_len++] = ((val_len >> 24) & 0xff) | 0x80;
1771 len_enc[len_enc_len++] = (val_len >> 16) & 0xff;
1772 len_enc[len_enc_len++] = (val_len >> 8) & 0xff;
1773 len_enc[len_enc_len++] = (val_len >> 0) & 0xff;
1774 } else {
1775 len_enc[len_enc_len++] = (val_len >> 0) & 0xff;
1776 }
1777
1778 buffer_append_string_len(env, len_enc, len_enc_len);
1779 buffer_append_string_len(env, key, key_len);
1780 buffer_append_string_len(env, val, val_len);
1781
1782 return 0;
1783 }
1784
1785 static int fcgi_header(FCGI_Header * header, unsigned char type, int request_id, int contentLength, unsigned char paddingLength) {
1786 force_assert(contentLength <= FCGI_MAX_LENGTH);
1787
1788 header->version = FCGI_VERSION_1;
1789 header->type = type;
1790 header->requestIdB0 = request_id & 0xff;
1791 header->requestIdB1 = (request_id >> 8) & 0xff;
1792 header->contentLengthB0 = contentLength & 0xff;
1793 header->contentLengthB1 = (contentLength >> 8) & 0xff;
1794 header->paddingLength = paddingLength;
1795 header->reserved = 0;
1796
1797 return 0;
1798 }
1799
1800 typedef enum {
1801 CONNECTION_OK,
1802 CONNECTION_DELAYED, /* retry after event, take same host */
1803 CONNECTION_OVERLOADED, /* disable for 1 second, take another backend */
1804 CONNECTION_DEAD /* disable for 60 seconds, take another backend */
1805 } connection_result_t;
1806
1807 static connection_result_t fcgi_establish_connection(server *srv, handler_ctx *hctx) {
1808 struct sockaddr *fcgi_addr;
1809 struct sockaddr_in fcgi_addr_in;
1810 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
1811 struct sockaddr_in6 fcgi_addr_in6;
1812 #endif
1813 #ifdef HAVE_SYS_UN_H
1814 struct sockaddr_un fcgi_addr_un;
1815 #endif
1816 socklen_t servlen;
1817
1818 fcgi_extension_host *host = hctx->host;
1819 fcgi_proc *proc = hctx->proc;
1820 int fcgi_fd = hctx->fd;
1821
1822 if (!buffer_string_is_empty(proc->unixsocket)) {
1823 #ifdef HAVE_SYS_UN_H
1824 /* use the unix domain socket */
1825 memset(&fcgi_addr_un, 0, sizeof(fcgi_addr_un));
1826 fcgi_addr_un.sun_family = AF_UNIX;
1827 if (buffer_string_length(proc->unixsocket) + 1 > sizeof(fcgi_addr_un.sun_path)) {
1828 log_error_write(srv, __FILE__, __LINE__, "sB",
1829 "ERROR: Unix Domain socket filename too long:",
1830 proc->unixsocket);
1831 return -1;
1832 }
1833 memcpy(fcgi_addr_un.sun_path, proc->unixsocket->ptr, buffer_string_length(proc->unixsocket) + 1);
1834
1835 #ifdef SUN_LEN
1836 servlen = SUN_LEN(&fcgi_addr_un);
1837 #else
1838 /* stevens says: */
1839 servlen = buffer_string_length(proc->unixsocket) + 1 + sizeof(fcgi_addr_un.sun_family);
1840 #endif
1841 fcgi_addr = (struct sockaddr *) &fcgi_addr_un;
1842
1843 if (buffer_string_is_empty(proc->connection_name)) {
1844 /* on remote spawing we have to set the connection-name now */
1845 buffer_copy_string_len(proc->connection_name, CONST_STR_LEN("unix:"));
1846 buffer_append_string_buffer(proc->connection_name, proc->unixsocket);
1847 }
1848 #else
1849 return CONNECTION_DEAD;
1850 #endif
1851 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
1852 } else if (host->family == AF_INET6 && !buffer_string_is_empty(host->host)) {
1853 memset(&fcgi_addr_in6, 0, sizeof(fcgi_addr_in6));
1854 fcgi_addr_in6.sin6_family = AF_INET6;
1855 inet_pton(AF_INET6, host->host->ptr, (char *) &fcgi_addr_in6.sin6_addr);
1856 fcgi_addr_in6.sin6_port = htons(proc->port);
1857 servlen = sizeof(fcgi_addr_in6);
1858 fcgi_addr = (struct sockaddr *) &fcgi_addr_in6;
1859 #endif
1860 } else {
1861 memset(&fcgi_addr_in, 0, sizeof(fcgi_addr_in));
1862 fcgi_addr_in.sin_family = AF_INET;
1863 if (!buffer_string_is_empty(host->host)) {
1864 if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) {
1865 log_error_write(srv, __FILE__, __LINE__, "sbs",
1866 "converting IP address failed for", host->host,
1867 "\nBe sure to specify an IP address here");
1868
1869 return CONNECTION_DEAD;
1870 }
1871 } else {
1872 fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
1873 }
1874 fcgi_addr_in.sin_port = htons(proc->port);
1875 servlen = sizeof(fcgi_addr_in);
1876
1877 fcgi_addr = (struct sockaddr *) &fcgi_addr_in;
1878 }
1879
1880 if (buffer_string_is_empty(proc->unixsocket)) {
1881 if (buffer_string_is_empty(proc->connection_name)) {
1882 /* on remote spawing we have to set the connection-name now */
1883 buffer_copy_string_len(proc->connection_name, CONST_STR_LEN("tcp:"));
1884 if (!buffer_string_is_empty(host->host)) {
1885 buffer_append_string_buffer(proc->connection_name, host->host);
1886 } else {
1887 buffer_append_string_len(proc->connection_name, CONST_STR_LEN("localhost"));
1888 }
1889 buffer_append_string_len(proc->connection_name, CONST_STR_LEN(":"));
1890 buffer_append_int(proc->connection_name, proc->port);
1891 }
1892 }
1893
1894 if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
1895 if (errno == EINPROGRESS ||
1896 errno == EALREADY ||
1897 errno == EINTR) {
1898 if (hctx->conf.debug > 2) {
1899 log_error_write(srv, __FILE__, __LINE__, "sb",
1900 "connect delayed; will continue later:", proc->connection_name);
1901 }
1902
1903 return CONNECTION_DELAYED;
1904 } else if (errno == EAGAIN) {
1905 if (hctx->conf.debug) {
1906 log_error_write(srv, __FILE__, __LINE__, "sbsd",
1907 "This means that you have more incoming requests than your FastCGI backend can handle in parallel."
1908 "It might help to spawn more FastCGI backends or PHP children; if not, decrease server.max-connections."
1909 "The load for this FastCGI backend", proc->connection_name, "is", proc->load);
1910 }
1911
1912 return CONNECTION_OVERLOADED;
1913 } else {
1914 log_error_write(srv, __FILE__, __LINE__, "sssb",
1915 "connect failed:",
1916 strerror(errno), "on",
1917 proc->connection_name);
1918
1919 return CONNECTION_DEAD;
1920 }
1921 }
1922
1923 hctx->reconnects = 0;
1924 if (hctx->conf.debug > 1) {
1925 log_error_write(srv, __FILE__, __LINE__, "sd",
1926 "connect succeeded: ", fcgi_fd);
1927 }
1928
1929 return CONNECTION_OK;
1930 }
1931
1932 static void fcgi_stdin_append(server *srv, connection *con, handler_ctx *hctx, int request_id) {
1933 FCGI_Header header;
1934 chunkqueue *req_cq = con->request_content_queue;
1935 off_t offset, weWant;
1936 const off_t req_cqlen = req_cq->bytes_in - req_cq->bytes_out;
1937
1938 /* something to send ? */
1939 for (offset = 0; offset != req_cqlen; offset += weWant) {
1940 weWant = req_cqlen - offset > FCGI_MAX_LENGTH ? FCGI_MAX_LENGTH : req_cqlen - offset;
1941
1942 /* we announce toWrite octets
1943 * now take all request_content chunks available
1944 * */
1945
1946 fcgi_header(&(header), FCGI_STDIN, request_id, weWant, 0);
1947 chunkqueue_append_mem(hctx->wb, (const char *)&header, sizeof(header));
1948 hctx->wb_reqlen += sizeof(header);
1949
1950 if (hctx->conf.debug > 10) {
1951 log_error_write(srv, __FILE__, __LINE__, "soso", "tosend:", offset, "/", req_cqlen);
1952 }
1953
1954 chunkqueue_steal(hctx->wb, req_cq, weWant);
1955 /*(hctx->wb_reqlen already includes content_length)*/
1956 }
1957
1958 if (hctx->wb->bytes_in == hctx->wb_reqlen) {
1959 /* terminate STDIN */
1960 fcgi_header(&(header), FCGI_STDIN, request_id, 0, 0);
1961 chunkqueue_append_mem(hctx->wb, (const char *)&header, sizeof(header));
1962 hctx->wb_reqlen += (int)sizeof(header);
1963 }
1964 }
1965
1966 static int fcgi_create_env(server *srv, handler_ctx *hctx, int request_id) {
1967 FCGI_BeginRequestRecord beginRecord;
1968 FCGI_Header header;
1969
1970 plugin_data *p = hctx->plugin_data;
1971 fcgi_extension_host *host= hctx->host;
1972
1973 connection *con = hctx->remote_conn;
1974
1975 http_cgi_opts opts = {
1976 (hctx->fcgi_mode == FCGI_AUTHORIZER),
1977 host->break_scriptfilename_for_php,
1978 host->docroot,
1979 host->strip_request_uri
1980 };
1981
1982 /* send FCGI_BEGIN_REQUEST */
1983
1984 fcgi_header(&(beginRecord.header), FCGI_BEGIN_REQUEST, request_id, sizeof(beginRecord.body), 0);
1985 beginRecord.body.roleB0 = hctx->fcgi_mode;
1986 beginRecord.body.roleB1 = 0;
1987 beginRecord.body.flags = 0;
1988 memset(beginRecord.body.reserved, 0, sizeof(beginRecord.body.reserved));
1989
1990 /* send FCGI_PARAMS */
1991 buffer_string_prepare_copy(p->fcgi_env, 1023);
1992
1993 if (0 != http_cgi_headers(srv, con, &opts, fcgi_env_add, p->fcgi_env)) {
1994 con->http_status = 400;
1995 return -1;
1996 } else {
1997 buffer *b = buffer_init();
1998
1999 buffer_copy_string_len(b, (const char *)&beginRecord, sizeof(beginRecord));
2000
2001 fcgi_header(&(header), FCGI_PARAMS, request_id, buffer_string_length(p->fcgi_env), 0);
2002 buffer_append_string_len(b, (const char *)&header, sizeof(header));
2003 buffer_append_string_buffer(b, p->fcgi_env);
2004
2005 fcgi_header(&(header), FCGI_PARAMS, request_id, 0, 0);
2006 buffer_append_string_len(b, (const char *)&header, sizeof(header));
2007
2008 hctx->wb_reqlen = buffer_string_length(b);
2009 chunkqueue_append_buffer(hctx->wb, b);
2010 buffer_free(b);
2011 }
2012
2013 hctx->wb_reqlen += con->request.content_length;/* (eventual) (minimal) total request size, not necessarily including all fcgi_headers around content length yet */
2014 fcgi_stdin_append(srv, con, hctx, request_id);
2015
2016 return 0;
2017 }
2018
2019 static int fcgi_response_parse(server *srv, connection *con, plugin_data *p, buffer *in) {
2020 char *s, *ns;
2021
2022 handler_ctx *hctx = con->plugin_ctx[p->id];
2023 fcgi_extension_host *host= hctx->host;
2024 int have_sendfile2 = 0;
2025 off_t sendfile2_content_length = 0;
2026
2027 UNUSED(srv);
2028
2029 /* search for \n */
2030 for (s = in->ptr; NULL != (ns = strchr(s, '\n')); s = ns + 1) {
2031 char *key, *value;
2032 int key_len;
2033
2034 /* a good day. Someone has read the specs and is sending a \r\n to us */
2035
2036 if (ns > in->ptr &&
2037 *(ns-1) == '\r') {
2038 *(ns-1) = '\0';
2039 }
2040
2041 ns[0] = '\0';
2042
2043 key = s;
2044 if (NULL == (value = strchr(s, ':'))) {
2045 /* we expect: "<key>: <value>\n" */
2046 continue;
2047 }
2048
2049 key_len = value - key;
2050
2051 value++;
2052 /* strip WS */
2053 while (*value == ' ' || *value == '\t') value++;
2054
2055 if (hctx->fcgi_mode != FCGI_AUTHORIZER ||
2056 !(con->http_status == 0 ||
2057 con->http_status == 200)) {
2058 /* authorizers shouldn't affect the response headers sent back to the client */
2059
2060 /* don't forward Status: */
2061 if (0 != strncasecmp(key, "Status", key_len)) {
2062 data_string *ds;
2063 if (NULL == (ds = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) {
2064 ds = data_response_init();
2065 }
2066 buffer_copy_string_len(ds->key, key, key_len);
2067 buffer_copy_string(ds->value, value);
2068
2069 array_insert_unique(con->response.headers, (data_unset *)ds);
2070 }
2071 }
2072
2073 if (hctx->fcgi_mode == FCGI_AUTHORIZER &&
2074 key_len > 9 &&
2075 0 == strncasecmp(key, CONST_STR_LEN("Variable-"))) {
2076 data_string *ds;
2077 if (NULL == (ds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
2078 ds = data_response_init();
2079 }
2080 buffer_copy_string_len(ds->key, key + 9, key_len - 9);
2081 buffer_copy_string(ds->value, value);
2082
2083 array_insert_unique(con->environment, (data_unset *)ds);
2084 }
2085
2086 switch(key_len) {
2087 case 4:
2088 if (0 == strncasecmp(key, "Date", key_len)) {
2089 con->parsed_response |= HTTP_DATE;
2090 }
2091 break;
2092 case 6:
2093 if (0 == strncasecmp(key, "Status", key_len)) {
2094 int status = strtol(value, NULL, 10);
2095 if (status >= 100 && status < 1000) {
2096 con->http_status = status;
2097 con->parsed_response |= HTTP_STATUS;
2098 } else {
2099 con->http_status = 502;
2100 }
2101 }
2102 break;
2103 case 8:
2104 if (0 == strncasecmp(key, "Location", key_len)) {
2105 con->parsed_response |= HTTP_LOCATION;
2106 }
2107 break;
2108 case 10:
2109 if (0 == strncasecmp(key, "Connection", key_len)) {
2110 con->response.keep_alive = (0 == strcasecmp(value, "Keep-Alive")) ? 1 : 0;
2111 con->parsed_response |= HTTP_CONNECTION;
2112 }
2113 break;
2114 case 11:
2115 if (host->xsendfile_allow && 0 == strncasecmp(key, "X-Sendfile2", key_len) && hctx->send_content_body) {
2116 char *pos = value;
2117 have_sendfile2 = 1;
2118
2119 while (*pos) {
2120 char *filename, *range;
2121 stat_cache_entry *sce;
2122 off_t begin_range, end_range, range_len;
2123
2124 while (' ' == *pos) pos++;
2125 if (!*pos) break;
2126
2127 filename = pos;
2128 if (NULL == (range = strchr(pos, ' '))) {
2129 /* missing range */
2130 if (hctx->conf.debug) {
2131 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't find range after filename:", filename);
2132 }
2133 return 502;
2134 }
2135 buffer_copy_string_len(srv->tmp_buf, filename, range - filename);
2136
2137 /* find end of range */
2138 for (pos = ++range; *pos && *pos != ' ' && *pos != ','; pos++) ;
2139
2140 buffer_urldecode_path(srv->tmp_buf);
2141 buffer_path_simplify(srv->tmp_buf, srv->tmp_buf);
2142 if (con->conf.force_lowercase_filenames) {
2143 buffer_to_lower(srv->tmp_buf);
2144 }
2145 if (host->xsendfile_docroot->used) {
2146 size_t i, xlen = buffer_string_length(srv->tmp_buf);
2147 for (i = 0; i < host->xsendfile_docroot->used; ++i) {
2148 data_string *ds = (data_string *)host->xsendfile_docroot->data[i];
2149 size_t dlen = buffer_string_length(ds->value);
2150 if (dlen <= xlen
2151 && (!con->conf.force_lowercase_filenames
2152 ? 0 == memcmp(srv->tmp_buf->ptr, ds->value->ptr, dlen)
2153 : 0 == strncasecmp(srv->tmp_buf->ptr, ds->value->ptr, dlen))) {
2154 break;
2155 }
2156 }
2157 if (i == host->xsendfile_docroot->used) {
2158 log_error_write(srv, __FILE__, __LINE__, "SBs",
2159 "X-Sendfile2 (", srv->tmp_buf,
2160 ") not under configured x-sendfile-docroot(s)");
2161 return 403;
2162 }
2163 }
2164
2165 if (HANDLER_ERROR == stat_cache_get_entry(srv, con, srv->tmp_buf, &sce)) {
2166 if (hctx->conf.debug) {
2167 log_error_write(srv, __FILE__, __LINE__, "sb",
2168 "send-file error: couldn't get stat_cache entry for X-Sendfile2:",
2169 srv->tmp_buf);
2170 }
2171 return 404;
2172 } else if (!S_ISREG(sce->st.st_mode)) {
2173 if (hctx->conf.debug) {
2174 log_error_write(srv, __FILE__, __LINE__, "sb",
2175 "send-file error: wrong filetype for X-Sendfile2:",
2176 srv->tmp_buf);
2177 }
2178 return 502;
2179 }
2180 /* found the file */
2181
2182 /* parse range */
2183 end_range = sce->st.st_size - 1;
2184 {
2185 char *rpos = NULL;
2186 errno = 0;
2187 begin_range = strtoll(range, &rpos, 10);
2188 if (errno != 0 || begin_range < 0 || rpos == range) goto range_failed;
2189 if ('-' != *rpos++) goto range_failed;
2190 if (rpos != pos) {
2191 range = rpos;
2192 end_range = strtoll(range, &rpos, 10);
2193 if (errno != 0 || end_range < 0 || rpos == range) goto range_failed;
2194 }
2195 if (rpos != pos) goto range_failed;
2196
2197 goto range_success;
2198
2199 range_failed:
2200 if (hctx->conf.debug) {
2201 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't decode range after filename:", filename);
2202 }
2203 return 502;
2204
2205 range_success: ;
2206 }
2207
2208 /* no parameters accepted */
2209
2210 while (*pos == ' ') pos++;
2211 if (*pos != '\0' && *pos != ',') return 502;
2212
2213 range_len = end_range - begin_range + 1;
2214 if (range_len < 0) return 502;
2215 if (range_len != 0) {
2216 if (0 != http_chunk_append_file_range(srv, con, srv->tmp_buf, begin_range, range_len)) {
2217 return 502;
2218 }
2219 }
2220 sendfile2_content_length += range_len;
2221
2222 if (*pos == ',') pos++;
2223 }
2224 }
2225 break;
2226 case 14:
2227 if (0 == strncasecmp(key, "Content-Length", key_len)) {
2228 con->response.content_length = strtoul(value, NULL, 10);
2229 con->parsed_response |= HTTP_CONTENT_LENGTH;
2230
2231 if (con->response.content_length < 0) con->response.content_length = 0;
2232 }
2233 break;
2234 default:
2235 break;
2236 }
2237 }
2238
2239 if (have_sendfile2) {
2240 data_string *dcls;
2241
2242 /* fix content-length */
2243 if (NULL == (dcls = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) {
2244 dcls = data_response_init();
2245 }
2246
2247 buffer_copy_string_len(dcls->key, "Content-Length", sizeof("Content-Length")-1);
2248 buffer_copy_int(dcls->value, sendfile2_content_length);
2249 array_replace(con->response.headers, (data_unset *)dcls);
2250
2251 con->parsed_response |= HTTP_CONTENT_LENGTH;
2252 con->response.content_length = sendfile2_content_length;
2253 return 200;
2254 }
2255
2256 /* CGI/1.1 rev 03 - 7.2.1.2 */
2257 if ((con->parsed_response & HTTP_LOCATION) &&
2258 !(con->parsed_response & HTTP_STATUS)) {
2259 con->http_status = 302;
2260 }
2261
2262 return 0;
2263 }
2264
2265 typedef struct {
2266 buffer *b;
2267 unsigned int len;
2268 int type;
2269 int padding;
2270 int request_id;
2271 } fastcgi_response_packet;
2272
2273 static int fastcgi_get_packet(server *srv, handler_ctx *hctx, fastcgi_response_packet *packet) {
2274 chunk *c;
2275 size_t offset;
2276 size_t toread;
2277 FCGI_Header *header;
2278
2279 if (!hctx->rb->first) return -1;
2280
2281 packet->b = buffer_init();
2282 packet->len = 0;
2283 packet->type = 0;
2284 packet->padding = 0;
2285 packet->request_id = 0;
2286
2287 offset = 0; toread = 8;
2288 /* get at least the FastCGI header */
2289 for (c = hctx->rb->first; c; c = c->next) {
2290 size_t weHave = buffer_string_length(c->mem) - c->offset;
2291
2292 if (weHave > toread) weHave = toread;
2293
2294 buffer_append_string_len(packet->b, c->mem->ptr + c->offset, weHave);
2295 toread -= weHave;
2296 offset = weHave; /* skip offset bytes in chunk for "real" data */
2297
2298 if (0 == toread) break;
2299 }
2300
2301 if (buffer_string_length(packet->b) < sizeof(FCGI_Header)) {
2302 /* no header */
2303 if (hctx->conf.debug) {
2304 log_error_write(srv, __FILE__, __LINE__, "sdsds", "FastCGI: header too small:", buffer_string_length(packet->b), "bytes <", sizeof(FCGI_Header), "bytes, waiting for more data");
2305 }
2306
2307 buffer_free(packet->b);
2308
2309 return -1;
2310 }
2311
2312 /* we have at least a header, now check how much me have to fetch */
2313 header = (FCGI_Header *)(packet->b->ptr);
2314
2315 packet->len = (header->contentLengthB0 | (header->contentLengthB1 << 8)) + header->paddingLength;
2316 packet->request_id = (header->requestIdB0 | (header->requestIdB1 << 8));
2317 packet->type = header->type;
2318 packet->padding = header->paddingLength;
2319
2320 /* ->b should only be the content */
2321 buffer_string_set_length(packet->b, 0);
2322
2323 if (packet->len) {
2324 /* copy the content */
2325 for (; c && (buffer_string_length(packet->b) < packet->len); c = c->next) {
2326 size_t weWant = packet->len - buffer_string_length(packet->b);
2327 size_t weHave = buffer_string_length(c->mem) - c->offset - offset;
2328
2329 if (weHave > weWant) weHave = weWant;
2330
2331 buffer_append_string_len(packet->b, c->mem->ptr + c->offset + offset, weHave);
2332
2333 /* we only skipped the first bytes as they belonged to the fcgi header */
2334 offset = 0;
2335 }
2336
2337 if (buffer_string_length(packet->b) < packet->len) {
2338 /* we didn't get the full packet */
2339
2340 buffer_free(packet->b);
2341 return -1;
2342 }
2343
2344 buffer_string_set_length(packet->b, buffer_string_length(packet->b) - packet->padding);
2345 }
2346
2347 chunkqueue_mark_written(hctx->rb, packet->len + sizeof(FCGI_Header));
2348
2349 return 0;
2350 }
2351
2352 static int fcgi_demux_response(server *srv, handler_ctx *hctx) {
2353 int fin = 0;
2354 int toread, ret;
2355 ssize_t r = 0;
2356
2357 plugin_data *p = hctx->plugin_data;
2358 connection *con = hctx->remote_conn;
2359 int fcgi_fd = hctx->fd;
2360 fcgi_extension_host *host= hctx->host;
2361 fcgi_proc *proc = hctx->proc;
2362
2363 /*
2364 * check how much we have to read
2365 */
2366 #if !defined(_WIN32) && !defined(__CYGWIN__)
2367 if (ioctl(hctx->fd, FIONREAD, &toread)) {
2368 if (errno == EAGAIN) {
2369 fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
2370 return 0;
2371 }
2372 log_error_write(srv, __FILE__, __LINE__, "sd",
2373 "unexpected end-of-file (perhaps the fastcgi process died):",
2374 fcgi_fd);
2375 return -1;
2376 }
2377 #else
2378 toread = 4096;
2379 #endif
2380
2381 if (toread > 0) {
2382 char *mem;
2383 size_t mem_len;
2384
2385 if ((con->conf.stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN)) {
2386 off_t cqlen = chunkqueue_length(hctx->rb);
2387 if (cqlen + toread > 65536 + (int)sizeof(FCGI_Header)) { /*(max size of FastCGI packet + 1)*/
2388 if (cqlen < 65536 + (int)sizeof(FCGI_Header)) {
2389 toread = 65536 + (int)sizeof(FCGI_Header) - cqlen;
2390 } else { /* should not happen */
2391 toread = toread < 1024 ? toread : 1024;
2392 }
2393 }
2394 }
2395
2396 chunkqueue_get_memory(hctx->rb, &mem, &mem_len, 0, toread);
2397 r = read(hctx->fd, mem, mem_len);
2398 chunkqueue_use_memory(hctx->rb, r > 0 ? r : 0);
2399
2400 if (-1 == r) {
2401 if (errno == EAGAIN) {
2402 fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
2403 return 0;
2404 }
2405 log_error_write(srv, __FILE__, __LINE__, "sds",
2406 "unexpected end-of-file (perhaps the fastcgi process died):",
2407 fcgi_fd, strerror(errno));
2408 return -1;
2409 }
2410 }
2411 if (0 == r) {
2412 log_error_write(srv, __FILE__, __LINE__, "ssdsb",
2413 "unexpected end-of-file (perhaps the fastcgi process died):",
2414 "pid:", proc->pid,
2415 "socket:", proc->connection_name);
2416
2417 return -1;
2418 }
2419
2420 /*
2421 * parse the fastcgi packets and forward the content to the write-queue
2422 *
2423 */
2424 while (fin == 0) {
2425 fastcgi_response_packet packet;
2426
2427 /* check if we have at least one packet */
2428 if (0 != fastcgi_get_packet(srv, hctx, &packet)) {
2429 /* no full packet */
2430 break;
2431 }
2432
2433 switch(packet.type) {
2434 case FCGI_STDOUT:
2435 if (packet.len == 0) break;
2436
2437 /* is the header already finished */
2438 if (0 == con->file_started) {
2439 char *c;
2440 data_string *ds;
2441
2442 /* search for header terminator
2443 *
2444 * if we start with \r\n check if last packet terminated with \r\n
2445 * if we start with \n check if last packet terminated with \n
2446 * search for \r\n\r\n
2447 * search for \n\n
2448 */
2449
2450 buffer_append_string_buffer(hctx->response_header, packet.b);
2451
2452 if (NULL != (c = buffer_search_string_len(hctx->response_header, CONST_STR_LEN("\r\n\r\n")))) {
2453 char *hend = c + 4; /* header end == body start */
2454 size_t hlen = hend - hctx->response_header->ptr;
2455 buffer_copy_string_len(packet.b, hend, buffer_string_length(hctx->response_header) - hlen);
2456 buffer_string_set_length(hctx->response_header, hlen);
2457 } else if (NULL != (c = buffer_search_string_len(hctx->response_header, CONST_STR_LEN("\n\n")))) {
2458 char *hend = c + 2; /* header end == body start */
2459 size_t hlen = hend - hctx->response_header->ptr;
2460 buffer_copy_string_len(packet.b, hend, buffer_string_length(hctx->response_header) - hlen);
2461 buffer_string_set_length(hctx->response_header, hlen);
2462 } else {
2463 /* no luck, no header found */
2464 /*(reuse MAX_HTTP_REQUEST_HEADER as max size for response headers from backends)*/
2465 if (buffer_string_length(hctx->response_header) > MAX_HTTP_REQUEST_HEADER) {
2466 log_error_write(srv, __FILE__, __LINE__, "sb", "response headers too large for", con->uri.path);
2467 con->http_status = 502; /* Bad Gateway */
2468 con->mode = DIRECT;
2469 fin = 1;
2470 }
2471 break;
2472 }
2473
2474 /* parse the response header */
2475 if ((ret = fcgi_response_parse(srv, con, p, hctx->response_header))) {
2476 if (200 != ret) { /*(200 returned for X-Sendfile2 handled)*/
2477 con->http_status = ret;
2478 con->mode = DIRECT;
2479 }
2480 con->file_started = 1;
2481 hctx->send_content_body = 0;
2482 fin = 1;
2483 break;
2484 }
2485
2486 con->file_started = 1;
2487
2488 if (hctx->fcgi_mode == FCGI_AUTHORIZER &&
2489 (con->http_status == 0 ||
2490 con->http_status == 200)) {
2491 /* a authorizer with approved the static request, ignore the content here */
2492 hctx->send_content_body = 0;
2493 }
2494
2495 if (host->xsendfile_allow && hctx->send_content_body &&
2496 (NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-LIGHTTPD-send-file"))
2497 || NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-Sendfile")))) {
2498 http_response_xsendfile(srv, con, ds->value, host->xsendfile_docroot);
2499 if (con->mode == DIRECT) {
2500 fin = 1;
2501 }
2502
2503 hctx->send_content_body = 0; /* ignore the content */
2504 break;
2505 }
2506 }
2507
2508 if (hctx->send_content_body && !buffer_string_is_empty(packet.b)) {
2509 if (0 != http_chunk_append_buffer(srv, con, packet.b)) {
2510 /* error writing to tempfile;
2511 * truncate response or send 500 if nothing sent yet */
2512 fin = 1;
2513 break;
2514 }
2515 if ((con->conf.stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN)
2516 && chunkqueue_length(con->write_queue) > 65536 - 4096) {
2517 if (!con->is_writable) {
2518 /*(defer removal of FDEVENT_IN interest since
2519 * connection_state_machine() might be able to send data
2520 * immediately, unless !con->is_writable, where
2521 * connection_state_machine() might not loop back to call
2522 * mod_fastcgi_handle_subrequest())*/
2523 fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
2524 }
2525 }
2526 }
2527 break;
2528 case FCGI_STDERR:
2529 if (packet.len == 0) break;
2530
2531 log_error_write_multiline_buffer(srv, __FILE__, __LINE__, packet.b, "s",
2532 "FastCGI-stderr:");
2533
2534 break;
2535 case FCGI_END_REQUEST:
2536 fin = 1;
2537 break;
2538 default:
2539 log_error_write(srv, __FILE__, __LINE__, "sd",
2540 "FastCGI: header.type not handled: ", packet.type);
2541 break;
2542 }
2543 buffer_free(packet.b);
2544 }
2545
2546 return fin;
2547 }
2548
2549 static int fcgi_restart_dead_procs(server *srv, plugin_data *p, fcgi_extension_host *host) {
2550 fcgi_proc *proc;
2551
2552 for (proc = host->first; proc; proc = proc->next) {
2553 int status;
2554
2555 if (p->conf.debug > 2) {
2556 log_error_write(srv, __FILE__, __LINE__, "sbdddd",
2557 "proc:",
2558 proc->connection_name,
2559 proc->state,
2560 proc->is_local,
2561 proc->load,
2562 proc->pid);
2563 }
2564
2565 /*
2566 * if the remote side is overloaded, we check back after <n> seconds
2567 *
2568 */
2569 switch (proc->state) {
2570 case PROC_STATE_KILLED:
2571 case PROC_STATE_UNSET:
2572 /* this should never happen as long as adaptive spawing is disabled */
2573 force_assert(0);
2574
2575 break;
2576 case PROC_STATE_RUNNING:
2577 break;
2578 case PROC_STATE_OVERLOADED:
2579 if (srv->cur_ts <= proc->disabled_until) break;
2580
2581 proc->state = PROC_STATE_RUNNING;
2582 host->active_procs++;
2583
2584 log_error_write(srv, __FILE__, __LINE__, "sbdb",
2585 "fcgi-server re-enabled:",
2586 host->host, host->port,
2587 host->unixsocket);
2588 break;
2589 case PROC_STATE_DIED_WAIT_FOR_PID:
2590 /* non-local procs don't have PIDs to wait for */
2591 if (!proc->is_local) {
2592 proc->state = PROC_STATE_DIED;
2593 } else {
2594 /* the child should not terminate at all */
2595
2596 for ( ;; ) {
2597 switch(waitpid(proc->pid, &status, WNOHANG)) {
2598 case 0:
2599 /* child is still alive */
2600 if (srv->cur_ts <= proc->disabled_until) break;
2601
2602 proc->state = PROC_STATE_RUNNING;
2603 host->active_procs++;
2604
2605 log_error_write(srv, __FILE__, __LINE__, "sbdb",
2606 "fcgi-server re-enabled:",
2607 host->host, host->port,
2608 host->unixsocket);
2609 break;
2610 case -1:
2611 if (errno == EINTR) continue;
2612
2613 log_error_write(srv, __FILE__, __LINE__, "sd",
2614 "child died somehow, waitpid failed:",
2615 errno);
2616 proc->state = PROC_STATE_DIED;
2617 break;
2618 default:
2619 if (WIFEXITED(status)) {
2620 #if 0
2621 log_error_write(srv, __FILE__, __LINE__, "sdsd",
2622 "child exited, pid:", proc->pid,
2623 "status:", WEXITSTATUS(status));
2624 #endif
2625 } else if (WIFSIGNALED(status)) {
2626 log_error_write(srv, __FILE__, __LINE__, "sd",
2627 "child signaled:",
2628 WTERMSIG(status));
2629 } else {
2630 log_error_write(srv, __FILE__, __LINE__, "sd",
2631 "child died somehow:",
2632 status);
2633 }
2634
2635 proc->state = PROC_STATE_DIED;
2636 break;
2637 }
2638 break;
2639 }
2640 }
2641
2642 /* fall through if we have a dead proc now */
2643 if (proc->state != PROC_STATE_DIED) break;
2644
2645 case PROC_STATE_DIED:
2646 /* local procs get restarted by us,
2647 * remote ones hopefully by the admin */
2648
2649 if (!buffer_string_is_empty(host->bin_path)) {
2650 /* we still have connections bound to this proc,
2651 * let them terminate first */
2652 if (proc->load != 0) break;
2653
2654 /* restart the child */
2655
2656 if (p->conf.debug) {
2657 log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
2658 "--- fastcgi spawning",
2659 "\n\tsocket", proc->connection_name,
2660 "\n\tcurrent:", 1, "/", host->max_procs);
2661 }
2662
2663 if (fcgi_spawn_connection(srv, p, host, proc)) {
2664 log_error_write(srv, __FILE__, __LINE__, "s",
2665 "ERROR: spawning fcgi failed.");
2666 return HANDLER_ERROR;
2667 }
2668 } else {
2669 if (srv->cur_ts <= proc->disabled_until) break;
2670
2671 proc->state = PROC_STATE_RUNNING;
2672 host->active_procs++;
2673
2674 log_error_write(srv, __FILE__, __LINE__, "sb",
2675 "fcgi-server re-enabled:",
2676 proc->connection_name);
2677 }
2678 break;
2679 }
2680 }
2681
2682 return 0;
2683 }
2684
2685 static handler_t fcgi_write_request(server *srv, handler_ctx *hctx) {
2686 plugin_data *p = hctx->plugin_data;
2687 fcgi_extension_host *host= hctx->host;
2688 connection *con = hctx->remote_conn;
2689 fcgi_proc *proc;
2690
2691 int ret;
2692
2693 /* we can't handle this in the switch as we have to fall through in it */
2694 if (hctx->state == FCGI_STATE_CONNECT_DELAYED) {
2695 int socket_error;
2696 socklen_t socket_error_len = sizeof(socket_error);
2697
2698 /* try to finish the connect() */
2699 if (0 != getsockopt(hctx->fd, SOL_SOCKET, SO_ERROR, &socket_error, &socket_error_len)) {
2700 log_error_write(srv, __FILE__, __LINE__, "ss",
2701 "getsockopt failed:", strerror(errno));
2702
2703 fcgi_host_disable(srv, hctx);
2704
2705 return HANDLER_ERROR;
2706 }
2707 if (socket_error != 0) {
2708 if (!hctx->proc->is_local || hctx->conf.debug) {
2709 /* local procs get restarted */
2710
2711 log_error_write(srv, __FILE__, __LINE__, "sssb",
2712 "establishing connection failed:", strerror(socket_error),
2713 "socket:", hctx->proc->connection_name);
2714 }
2715
2716 fcgi_host_disable(srv, hctx);
2717 log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
2718 "backend is overloaded; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
2719 "reconnects:", hctx->reconnects,
2720 "load:", host->load);
2721
2722 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
2723 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".died"));
2724
2725 status_counter_inc(srv, CONST_BUF_LEN(p->statuskey));
2726
2727 return HANDLER_ERROR;
2728 }
2729 /* go on with preparing the request */
2730 hctx->state = FCGI_STATE_PREPARE_WRITE;
2731 }
2732
2733
2734 switch(hctx->state) {
2735 case FCGI_STATE_CONNECT_DELAYED:
2736 /* should never happen */
2737 return HANDLER_WAIT_FOR_EVENT;
2738 case FCGI_STATE_INIT:
2739 /* do we have a running process for this host (max-procs) ? */
2740 hctx->proc = NULL;
2741
2742 for (proc = hctx->host->first;
2743 proc && proc->state != PROC_STATE_RUNNING;
2744 proc = proc->next);
2745
2746 /* all children are dead */
2747 if (proc == NULL) {
2748 hctx->fde_ndx = -1;
2749
2750 return HANDLER_ERROR;
2751 }
2752
2753 hctx->proc = proc;
2754
2755 /* check the other procs if they have a lower load */
2756 for (proc = proc->next; proc; proc = proc->next) {
2757 if (proc->state != PROC_STATE_RUNNING) continue;
2758 if (proc->load < hctx->proc->load) hctx->proc = proc;
2759 }
2760
2761 if (-1 == (hctx->fd = fdevent_socket_nb_cloexec(host->family, SOCK_STREAM, 0))) {
2762 if (errno == EMFILE ||
2763 errno == EINTR) {
2764 log_error_write(srv, __FILE__, __LINE__, "sd",
2765 "wait for fd at connection:", con->fd);
2766
2767 return HANDLER_WAIT_FOR_FD;
2768 }
2769
2770 log_error_write(srv, __FILE__, __LINE__, "ssdd",
2771 "socket failed:", strerror(errno), srv->cur_fds, srv->max_fds);
2772 return HANDLER_ERROR;
2773 }
2774 hctx->fde_ndx = -1;
2775
2776 srv->cur_fds++;
2777
2778 fdevent_register(srv->ev, hctx->fd, fcgi_handle_fdevent, hctx);
2779
2780 if (-1 == fdevent_fcntl_set(srv->ev, hctx->fd)) {
2781 log_error_write(srv, __FILE__, __LINE__, "ss",
2782 "fcntl failed:", strerror(errno));
2783
2784 return HANDLER_ERROR;
2785 }
2786
2787 if (hctx->proc->is_local) {
2788 hctx->pid = hctx->proc->pid;
2789 }
2790
2791 switch (fcgi_establish_connection(srv, hctx)) {
2792 case CONNECTION_DELAYED:
2793 /* connection is in progress, wait for an event and call getsockopt() below */
2794
2795 fdevent_event_set(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
2796
2797 fcgi_set_state(srv, hctx, FCGI_STATE_CONNECT_DELAYED);
2798 return HANDLER_WAIT_FOR_EVENT;
2799 case CONNECTION_OVERLOADED:
2800 /* cool down the backend, it is overloaded
2801 * -> EAGAIN */
2802
2803 if (hctx->host->disable_time) {
2804 log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
2805 "backend is overloaded; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
2806 "reconnects:", hctx->reconnects,
2807 "load:", host->load);
2808
2809 hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
2810 if (hctx->proc->state == PROC_STATE_RUNNING) hctx->host->active_procs--;
2811 hctx->proc->state = PROC_STATE_OVERLOADED;
2812 }
2813
2814 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
2815 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".overloaded"));
2816
2817 status_counter_inc(srv, CONST_BUF_LEN(p->statuskey));
2818
2819 return HANDLER_ERROR;
2820 case CONNECTION_DEAD:
2821 /* we got a hard error from the backend like
2822 * - ECONNREFUSED for tcp-ip sockets
2823 * - ENOENT for unix-domain-sockets
2824 *
2825 * for check if the host is back in hctx->host->disable_time seconds
2826 * */
2827
2828 fcgi_host_disable(srv, hctx);
2829
2830 log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
2831 "backend died; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
2832 "reconnects:", hctx->reconnects,
2833 "load:", host->load);
2834
2835 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
2836 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".died"));
2837
2838 status_counter_inc(srv, CONST_BUF_LEN(p->statuskey));
2839
2840 return HANDLER_ERROR;
2841 case CONNECTION_OK:
2842 /* everything is ok, go on */
2843
2844 fcgi_set_state(srv, hctx, FCGI_STATE_PREPARE_WRITE);
2845
2846 break;
2847 }
2848 /* fallthrough */
2849 case FCGI_STATE_PREPARE_WRITE:
2850 /* ok, we have the connection */
2851
2852 fcgi_proc_load_inc(srv, hctx);
2853 hctx->got_proc = 1;
2854
2855 status_counter_inc(srv, CONST_STR_LEN("fastcgi.requests"));
2856
2857 fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
2858 buffer_append_string_len(p->statuskey, CONST_STR_LEN(".connected"));
2859
2860 status_counter_inc(srv, CONST_BUF_LEN(p->statuskey));
2861
2862 if (hctx->conf.debug) {
2863 log_error_write(srv, __FILE__, __LINE__, "ssdsbsd",
2864 "got proc:",
2865 "pid:", hctx->proc->pid,
2866 "socket:", hctx->proc->connection_name,
2867 "load:", hctx->proc->load);
2868 }
2869
2870 /* move the proc-list entry down the list */
2871 if (hctx->request_id == 0) {
2872 hctx->request_id = 1; /* always use id 1 as we don't use multiplexing */
2873 } else {
2874 log_error_write(srv, __FILE__, __LINE__, "sd",
2875 "fcgi-request is already in use:", hctx->request_id);
2876 }
2877
2878 if (-1 == fcgi_create_env(srv, hctx, hctx->request_id)) return HANDLER_ERROR;
2879
2880 fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
2881 fcgi_set_state(srv, hctx, FCGI_STATE_WRITE);
2882 /* fall through */
2883 case FCGI_STATE_WRITE:
2884 ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
2885
2886 chunkqueue_remove_finished_chunks(hctx->wb);
2887
2888 if (ret < 0) {
2889 switch(errno) {
2890 case EPIPE:
2891 case ENOTCONN:
2892 case ECONNRESET:
2893 /* the connection got dropped after accept()
2894 * we don't care about that - if you accept() it, you have to handle it.
2895 */
2896
2897 log_error_write(srv, __FILE__, __LINE__, "ssosb",
2898 "connection was dropped after accept() (perhaps the fastcgi process died),",
2899 "write-offset:", hctx->wb->bytes_out,
2900 "socket:", hctx->proc->connection_name);
2901
2902 return HANDLER_ERROR;
2903 default:
2904 log_error_write(srv, __FILE__, __LINE__, "ssd",
2905 "write failed:", strerror(errno), errno);
2906
2907 return HANDLER_ERROR;
2908 }
2909 }
2910
2911 if (hctx->wb->bytes_out == hctx->wb_reqlen) {
2912 fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
2913 fcgi_set_state(srv, hctx, FCGI_STATE_READ);
2914 } else {
2915 off_t wblen = hctx->wb->bytes_in - hctx->wb->bytes_out;
2916 if (hctx->wb->bytes_in < hctx->wb_reqlen && wblen < 65536 - 16384) {
2917 /*(con->conf.stream_request_body & FDEVENT_STREAM_REQUEST)*/
2918 if (!(con->conf.stream_request_body & FDEVENT_STREAM_REQUEST_POLLIN)) {
2919 con->conf.stream_request_body |= FDEVENT_STREAM_REQUEST_POLLIN;
2920 con->is_readable = 1; /* trigger optimistic read from client */
2921 }
2922 }
2923 if (0 == wblen) {
2924 fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
2925 } else {
2926 fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
2927 }
2928 }
2929
2930 return HANDLER_WAIT_FOR_EVENT;
2931 case FCGI_STATE_READ:
2932 /* waiting for a response */
2933 return HANDLER_WAIT_FOR_EVENT;
2934 default:
2935 log_error_write(srv, __FILE__, __LINE__, "s", "(debug) unknown state");
2936 return HANDLER_ERROR;
2937 }
2938 }
2939
2940
2941 /* might be called on fdevent after a connect() is delay too
2942 * */
2943 static handler_t fcgi_send_request(server *srv, handler_ctx *hctx) {
2944 /* ok, create the request */
2945 fcgi_extension_host *host = hctx->host;
2946 handler_t rc = fcgi_write_request(srv, hctx);
2947 if (HANDLER_ERROR != rc) {
2948 return rc;
2949 } else {
2950 plugin_data *p = hctx->plugin_data;
2951 connection *con = hctx->remote_conn;
2952
2953 if (hctx->state == FCGI_STATE_INIT ||
2954 hctx->state == FCGI_STATE_CONNECT_DELAYED) {
2955 fcgi_restart_dead_procs(srv, p, host);
2956
2957 /* cleanup this request and let the request handler start this request again */
2958 if (hctx->reconnects++ < 5) {
2959 return fcgi_reconnect(srv, hctx);
2960 } else {
2961 fcgi_connection_close(srv, hctx);
2962 con->http_status = 503;
2963
2964 return HANDLER_FINISHED;
2965 }
2966 } else {
2967 int status = con->http_status;
2968 fcgi_connection_close(srv, hctx);
2969 con->http_status = (status == 400) ? 400 : 503;
2970
2971 return HANDLER_FINISHED;
2972 }
2973 }
2974 }
2975
2976
2977 static handler_t fcgi_recv_response(server *srv, handler_ctx *hctx);
2978
2979
2980 SUBREQUEST_FUNC(mod_fastcgi_handle_subrequest) {
2981 plugin_data *p = p_d;
2982
2983 handler_ctx *hctx = con->plugin_ctx[p->id];
2984
2985 if (NULL == hctx) return HANDLER_GO_ON;
2986
2987 /* not my job */
2988 if (con->mode != p->id) return HANDLER_GO_ON;
2989
2990 if ((con->conf.stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN)
2991 && con->file_started) {
2992 if (chunkqueue_length(con->write_queue) > 65536 - 4096) {
2993 fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
2994 } else if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) {
2995 /* optimistic read from backend, which might re-enable FDEVENT_IN */
2996 handler_t rc = fcgi_recv_response(srv, hctx); /*(might invalidate hctx)*/
2997 if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
2998 }
2999 }
3000
3001 /* (do not receive request body before FCGI_AUTHORIZER has run or else
3002 * the request body is discarded with handler_ctx_clear() after running
3003 * the FastCGI Authorizer) */
3004
3005 if (hctx->fcgi_mode != FCGI_AUTHORIZER
3006 && (0 == hctx->wb->bytes_in
3007 ? con->state == CON_STATE_READ_POST
3008 : hctx->wb->bytes_in < hctx->wb_reqlen)) {
3009 /*(64k - 4k to attempt to avoid temporary files
3010 * in conjunction with FDEVENT_STREAM_REQUEST_BUFMIN)*/
3011 if (hctx->wb->bytes_in - hctx->wb->bytes_out > 65536 - 4096
3012 && (con->conf.stream_request_body & FDEVENT_STREAM_REQUEST_BUFMIN)){
3013 con->conf.stream_request_body &= ~FDEVENT_STREAM_REQUEST_POLLIN;
3014 if (0 != hctx->wb->bytes_in) return HANDLER_WAIT_FOR_EVENT;
3015 } else {
3016 handler_t r = connection_handle_read_post_state(srv, con);
3017 chunkqueue *req_cq = con->request_content_queue;
3018 if (0 != hctx->wb->bytes_in && !chunkqueue_is_empty(req_cq)) {
3019 fcgi_stdin_append(srv, con, hctx, hctx->request_id);
3020 if (fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_OUT) {
3021 return (r == HANDLER_GO_ON) ? HANDLER_WAIT_FOR_EVENT : r;
3022 }
3023 }
3024 if (r != HANDLER_GO_ON) return r;
3025 }
3026 }
3027
3028 return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
3029 && hctx->state != FCGI_STATE_CONNECT_DELAYED)
3030 ? fcgi_send_request(srv, hctx)
3031 : HANDLER_WAIT_FOR_EVENT;
3032 }
3033
3034
3035 static handler_t fcgi_recv_response(server *srv, handler_ctx *hctx) {
3036 connection *con = hctx->remote_conn;
3037 plugin_data *p = hctx->plugin_data;
3038
3039 fcgi_proc *proc = hctx->proc;
3040 fcgi_extension_host *host= hctx->host;
3041
3042 switch (fcgi_demux_response(srv, hctx)) {
3043 case 0:
3044 break;
3045 case 1:
3046
3047 if (hctx->fcgi_mode == FCGI_AUTHORIZER &&
3048 (con->http_status == 200 ||
3049 con->http_status == 0)) {
3050 /*
3051 * If we are here in AUTHORIZER mode then a request for authorizer
3052 * was processed already, and status 200 has been returned. We need
3053 * now to handle authorized request.
3054 */
3055 buffer *physpath = NULL;
3056
3057 if (!buffer_string_is_empty(host->docroot)) {
3058 buffer_copy_buffer(con->physical.doc_root, host->docroot);
3059 buffer_copy_buffer(con->physical.basedir, host->docroot);
3060
3061 buffer_copy_buffer(con->physical.path, host->docroot);
3062 buffer_append_string_buffer(con->physical.path, con->uri.path);
3063 physpath = con->physical.path;
3064 }
3065
3066 fcgi_backend_close(srv, hctx);
3067 handler_ctx_clear(hctx);
3068
3069 /* don't do more than 6 loops here, that normally shouldn't happen */
3070 if (++con->loops_per_request > 5) {
3071 log_error_write(srv, __FILE__, __LINE__, "sb", "too many loops while processing request:", con->request.orig_uri);
3072 con->http_status = 500; /* Internal Server Error */
3073 con->mode = DIRECT;
3074 return HANDLER_FINISHED;
3075 }
3076
3077 /* restart the request so other handlers can process it */
3078
3079 if (physpath) con->physical.path = NULL;
3080 connection_response_reset(srv, con); /*(includes con->http_status = 0)*/
3081 if (physpath) con->physical.path = physpath; /* preserve con->physical.path with modified docroot */
3082
3083 /*(FYI: if multiple FastCGI authorizers were to be supported,
3084 * next one could be started here instead of restarting request)*/
3085
3086 con->mode = DIRECT;
3087 return HANDLER_COMEBACK;
3088 } else {
3089 /* we are done */
3090 fcgi_connection_close(srv, hctx);
3091 }
3092
3093 return HANDLER_FINISHED;
3094 case -1:
3095 if (proc->pid && proc->state != PROC_STATE_DIED) {
3096 int status;
3097
3098 /* only fetch the zombie if it is not already done */
3099
3100 switch(waitpid(proc->pid, &status, WNOHANG)) {
3101 case 0:
3102 /* child is still alive */
3103 break;
3104 case -1:
3105 break;
3106 default:
3107 /* the child should not terminate at all */
3108 if (WIFEXITED(status)) {
3109 log_error_write(srv, __FILE__, __LINE__, "sdsd",
3110 "child exited, pid:", proc->pid,
3111 "status:", WEXITSTATUS(status));
3112 } else if (WIFSIGNALED(status)) {
3113 log_error_write(srv, __FILE__, __LINE__, "sd",
3114 "child signaled:",
3115 WTERMSIG(status));
3116 } else {
3117 log_error_write(srv, __FILE__, __LINE__, "sd",
3118 "child died somehow:",
3119 status);
3120 }
3121
3122 if (hctx->conf.debug) {
3123 log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
3124 "--- fastcgi spawning",
3125 "\n\tsocket", proc->connection_name,
3126 "\n\tcurrent:", 1, "/", host->max_procs);
3127 }
3128
3129 if (fcgi_spawn_connection(srv, p, host, proc)) {
3130 /* respawning failed, retry later */
3131 proc->state = PROC_STATE_DIED;
3132
3133 log_error_write(srv, __FILE__, __LINE__, "s",
3134 "respawning failed, will retry later");
3135 }
3136
3137 break;
3138 }
3139 }
3140
3141 if (con->file_started == 0) {
3142 /* nothing has been sent out yet, try to use another child */
3143
3144 if (hctx->wb->bytes_out == 0 &&
3145 hctx->reconnects++ < 5) {
3146
3147 log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
3148 "response not received, request not sent",
3149 "on socket:", proc->connection_name,
3150 "for", con->uri.path, "?", con->uri.query, ", reconnecting");
3151
3152 return fcgi_reconnect(srv, hctx);
3153 }
3154
3155 log_error_write(srv, __FILE__, __LINE__, "sosbsBSBs",
3156 "response not received, request sent:", hctx->wb->bytes_out,
3157 "on socket:", proc->connection_name,
3158 "for", con->uri.path, "?", con->uri.query, ", closing connection");
3159 } else {
3160 log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
3161 "response already sent out, but backend returned error",
3162 "on socket:", proc->connection_name,
3163 "for", con->uri.path, "?", con->uri.query, ", terminating connection");
3164 }
3165
3166 http_response_backend_error(srv, con);
3167 fcgi_connection_close(srv, hctx);
3168 return HANDLER_FINISHED;
3169 }
3170
3171 return HANDLER_GO_ON;
3172 }
3173
3174
3175 static handler_t fcgi_handle_fdevent(server *srv, void *ctx, int revents) {
3176 handler_ctx *hctx = ctx;
3177 connection *con = hctx->remote_conn;
3178
3179 joblist_append(srv, con);
3180
3181 if (revents & FDEVENT_IN) {
3182 handler_t rc = fcgi_recv_response(srv, hctx);/*(might invalidate hctx)*/
3183 if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
3184 }
3185
3186 if (revents & FDEVENT_OUT) {
3187 return fcgi_send_request(srv, hctx); /*(might invalidate hctx)*/
3188 }
3189
3190 /* perhaps this issue is already handled */
3191 if (revents & FDEVENT_HUP) {
3192 if (hctx->state == FCGI_STATE_CONNECT_DELAYED) {
3193 /* getoptsock will catch this one (right ?)
3194 *
3195 * if we are in connect we might get an EINPROGRESS
3196 * in the first call and an FDEVENT_HUP in the
3197 * second round
3198 *
3199 * FIXME: as it is a bit ugly.
3200 *
3201 */
3202 fcgi_send_request(srv, hctx);
3203 } else if (con->file_started) {
3204 /* drain any remaining data from kernel pipe buffers
3205 * even if (con->conf.stream_response_body
3206 * & FDEVENT_STREAM_RESPONSE_BUFMIN)
3207 * since event loop will spin on fd FDEVENT_HUP event
3208 * until unregistered. */
3209 handler_t rc;
3210 do {
3211 rc = fcgi_recv_response(srv,hctx);/*(might invalidate hctx)*/
3212 } while (rc == HANDLER_GO_ON); /*(unless HANDLER_GO_ON)*/
3213 return rc; /* HANDLER_FINISHED or HANDLER_ERROR */
3214 } else {
3215 fcgi_proc *proc = hctx->proc;
3216 log_error_write(srv, __FILE__, __LINE__, "sBSbsbsd",
3217 "error: unexpected close of fastcgi connection for",
3218 con->uri.path, "?", con->uri.query,
3219 "(no fastcgi process on socket:", proc->connection_name, "?)",
3220 hctx->state);
3221
3222 fcgi_connection_close(srv, hctx);
3223 }
3224 } else if (revents & FDEVENT_ERR) {
3225 log_error_write(srv, __FILE__, __LINE__, "s",
3226 "fcgi: got a FDEVENT_ERR. Don't know why.");
3227
3228 http_response_backend_error(srv, con);
3229 fcgi_connection_close(srv, hctx);
3230 }
3231
3232 return HANDLER_FINISHED;
3233 }
3234
3235 #define PATCH(x) \
3236 p->conf.x = s->x;
3237 static int fcgi_patch_connection(server *srv, connection *con, plugin_data *p) {
3238 size_t i, j;
3239 plugin_config *s = p->config_storage[0];
3240
3241 PATCH(exts);
3242 PATCH(exts_auth);
3243 PATCH(exts_resp);
3244 PATCH(debug);
3245 PATCH(ext_mapping);
3246
3247 /* skip the first, the global context */
3248 for (i = 1; i < srv->config_context->used; i++) {
3249 data_config *dc = (data_config *)srv->config_context->data[i];
3250 s = p->config_storage[i];
3251
3252 /* condition didn't match */
3253 if (!config_check_cond(srv, con, dc)) continue;
3254
3255 /* merge config */
3256 for (j = 0; j < dc->value->used; j++) {
3257 data_unset *du = dc->value->data[j];
3258
3259 if (buffer_is_equal_string(du->key, CONST_STR_LEN("fastcgi.server"))) {
3260 PATCH(exts);
3261 PATCH(exts_auth);
3262 PATCH(exts_resp);
3263 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("fastcgi.debug"))) {
3264 PATCH(debug);
3265 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("fastcgi.map-extensions"))) {
3266 PATCH(ext_mapping);
3267 }
3268 }
3269 }
3270
3271 return 0;
3272 }
3273 #undef PATCH
3274
3275
3276 static handler_t fcgi_check_extension(server *srv, connection *con, void *p_d, int uri_path_handler) {
3277 plugin_data *p = p_d;
3278 size_t s_len;
3279 size_t k;
3280 buffer *fn;
3281 fcgi_extension *extension = NULL;
3282 fcgi_extension_host *host = NULL;
3283 handler_ctx *hctx;
3284 unsigned short fcgi_mode;
3285
3286 if (con->mode != DIRECT) return HANDLER_GO_ON;
3287
3288 fn = uri_path_handler ? con->uri.path : con->physical.path;
3289
3290 if (buffer_string_is_empty(fn)) return HANDLER_GO_ON;
3291
3292 s_len = buffer_string_length(fn);
3293
3294 fcgi_patch_connection(srv, con, p);
3295 if (NULL == p->conf.exts) return HANDLER_GO_ON;
3296
3297 /* check p->conf.exts_auth list and then p->conf.ext_resp list
3298 * (skip p->conf.exts_auth if array is empty or if FCGI_AUTHORIZER already ran in this request */
3299 hctx = con->plugin_ctx[p->id]; /*(not NULL if FCGI_AUTHORIZER ran; hctx->ext-auth check is redundant)*/
3300 fcgi_mode = (NULL == hctx || NULL == hctx->ext_auth)
3301 ? 0 /* FCGI_AUTHORIZER p->conf.exts_auth will be searched next */
3302 : FCGI_AUTHORIZER; /* FCGI_RESPONDER p->conf.exts_resp will be searched next */
3303
3304 do {
3305
3306 fcgi_exts *exts;
3307 if (0 == fcgi_mode) {
3308 fcgi_mode = FCGI_AUTHORIZER;
3309 exts = p->conf.exts_auth;
3310 } else {
3311 fcgi_mode = FCGI_RESPONDER;
3312 exts = p->conf.exts_resp;
3313 }
3314
3315 if (0 == exts->used) continue;
3316
3317 /* fastcgi.map-extensions maps extensions to existing fastcgi.server entries
3318 *
3319 * fastcgi.map-extensions = ( ".php3" => ".php" )
3320 *
3321 * fastcgi.server = ( ".php" => ... )
3322 *
3323 * */
3324
3325 /* check if extension-mapping matches */
3326 for (k = 0; k < p->conf.ext_mapping->used; k++) {
3327 data_string *ds = (data_string *)p->conf.ext_mapping->data[k];
3328 size_t ct_len; /* length of the config entry */
3329
3330 if (buffer_is_empty(ds->key)) continue;
3331
3332 ct_len = buffer_string_length(ds->key);
3333
3334 if (s_len < ct_len) continue;
3335
3336 /* found a mapping */
3337 if (0 == strncmp(fn->ptr + s_len - ct_len, ds->key->ptr, ct_len)) {
3338 /* check if we know the extension */
3339
3340 /* we can reuse k here */
3341 for (k = 0; k < exts->used; k++) {
3342 extension = exts->exts[k];
3343
3344 if (buffer_is_equal(ds->value, extension->key)) {
3345 break;
3346 }
3347 }
3348
3349 if (k == exts->used) {
3350 /* found nothing */
3351 extension = NULL;
3352 }
3353 break;
3354 }
3355 }
3356
3357 if (extension == NULL) {
3358 size_t uri_path_len = buffer_string_length(con->uri.path);
3359
3360 /* check if extension matches */
3361 for (k = 0; k < exts->used; k++) {
3362 size_t ct_len; /* length of the config entry */
3363 fcgi_extension *ext = exts->exts[k];
3364
3365 if (buffer_is_empty(ext->key)) continue;
3366
3367 ct_len = buffer_string_length(ext->key);
3368
3369 /* check _url_ in the form "/fcgi_pattern" */
3370 if (ext->key->ptr[0] == '/') {
3371 if ((ct_len <= uri_path_len) &&
3372 (strncmp(con->uri.path->ptr, ext->key->ptr, ct_len) == 0)) {
3373 extension = ext;
3374 break;
3375 }
3376 } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len))) {
3377 /* check extension in the form ".fcg" */
3378 extension = ext;
3379 break;
3380 }
3381 }
3382 }
3383
3384 } while (NULL == extension && fcgi_mode != FCGI_RESPONDER);
3385
3386 /* extension doesn't match */
3387 if (NULL == extension) {
3388 return HANDLER_GO_ON;
3389 }
3390
3391 /* check if we have at least one server for this extension up and running */
3392 host = fcgi_extension_host_get(srv, con, p, extension);
3393 if (NULL == host) {
3394 return HANDLER_FINISHED;
3395 }
3396
3397 /* a note about no handler is not sent yet */
3398 extension->note_is_sent = 0;
3399
3400 /*
3401 * if check-local is disabled, use the uri.path handler
3402 *
3403 */
3404
3405 /* init handler-context */
3406 if (uri_path_handler) {
3407 if (host->check_local != 0) {
3408 return HANDLER_GO_ON;
3409 } else {
3410 /* do not split path info for authorizer */
3411 if (fcgi_mode != FCGI_AUTHORIZER) {
3412 /* the prefix is the SCRIPT_NAME,
3413 * everything from start to the next slash
3414 * this is important for check-local = "disable"
3415 *
3416 * if prefix = /admin.fcgi
3417 *
3418 * /admin.fcgi/foo/bar
3419 *
3420 * SCRIPT_NAME = /admin.fcgi
3421 * PATH_INFO = /foo/bar
3422 *
3423 * if prefix = /fcgi-bin/
3424 *
3425 * /fcgi-bin/foo/bar
3426 *
3427 * SCRIPT_NAME = /fcgi-bin/foo
3428 * PATH_INFO = /bar
3429 *
3430 * if prefix = /, and fix-root-path-name is enable
3431 *
3432 * /fcgi-bin/foo/bar
3433 *
3434 * SCRIPT_NAME = /fcgi-bin/foo
3435 * PATH_INFO = /bar
3436 *
3437 */
3438 char *pathinfo;
3439
3440 /* the rewrite is only done for /prefix/? matches */
3441 if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') {
3442 buffer_copy_string(con->request.pathinfo, con->uri.path->ptr);
3443 buffer_string_set_length(con->uri.path, 0);
3444 } else if (extension->key->ptr[0] == '/' &&
3445 buffer_string_length(con->uri.path) > buffer_string_length(extension->key) &&
3446 NULL != (pathinfo = strchr(con->uri.path->ptr + buffer_string_length(extension->key), '/'))) {
3447 /* rewrite uri.path and pathinfo */
3448
3449 buffer_copy_string(con->request.pathinfo, pathinfo);
3450 buffer_string_set_length(con->uri.path, buffer_string_length(con->uri.path) - buffer_string_length(con->request.pathinfo));
3451 }
3452 }
3453 }
3454 }
3455
3456 if (!hctx) hctx = handler_ctx_init();
3457
3458 hctx->remote_conn = con;
3459 hctx->plugin_data = p;
3460 hctx->proc = NULL;
3461 hctx->ext = extension;
3462 fcgi_host_assign(srv, hctx, host);
3463
3464 hctx->fcgi_mode = fcgi_mode;
3465 if (fcgi_mode == FCGI_AUTHORIZER) {
3466 hctx->ext_auth = hctx->ext;
3467 }
3468
3469 /*hctx->conf.exts = p->conf.exts;*/
3470 /*hctx->conf.exts_auth = p->conf.exts_auth;*/
3471 /*hctx->conf.exts_resp = p->conf.exts_resp;*/
3472 /*hctx->conf.ext_mapping = p->conf.ext_mapping;*/
3473 hctx->conf.debug = p->conf.debug;
3474
3475 con->plugin_ctx[p->id] = hctx;
3476
3477 con->mode = p->id;
3478
3479 if (con->conf.log_request_handling) {
3480 log_error_write(srv, __FILE__, __LINE__, "s", "handling it in mod_fastcgi");
3481 }
3482
3483 return HANDLER_GO_ON;
3484 }
3485
3486 /* uri-path handler */
3487 static handler_t fcgi_check_extension_1(server *srv, connection *con, void *p_d) {
3488 return fcgi_check_extension(srv, con, p_d, 1);
3489 }
3490
3491 /* start request handler */
3492 static handler_t fcgi_check_extension_2(server *srv, connection *con, void *p_d) {
3493 return fcgi_check_extension(srv, con, p_d, 0);
3494 }
3495
3496
3497 TRIGGER_FUNC(mod_fastcgi_handle_trigger) {
3498 plugin_data *p = p_d;
3499 size_t i, j, n;
3500
3501
3502 /* perhaps we should kill a connect attempt after 10-15 seconds
3503 *
3504 * currently we wait for the TCP timeout which is 180 seconds on Linux
3505 *
3506 *
3507 *
3508 */
3509
3510 /* check all children if they are still up */
3511
3512 for (i = 0; i < srv->config_context->used; i++) {
3513 plugin_config *conf;
3514 fcgi_exts *exts;
3515
3516 conf = p->config_storage[i];
3517
3518 exts = conf->exts;
3519 if (NULL == exts) continue;
3520
3521 for (j = 0; j < exts->used; j++) {
3522 fcgi_extension *ex;
3523
3524 ex = exts->exts[j];
3525
3526 for (n = 0; n < ex->used; n++) {
3527
3528 fcgi_proc *proc;
3529 fcgi_extension_host *host;
3530
3531 host = ex->hosts[n];
3532
3533 fcgi_restart_dead_procs(srv, p, host);
3534
3535 for (proc = host->unused_procs; proc; proc = proc->next) {
3536 int status;
3537
3538 if (proc->pid == 0) continue;
3539
3540 switch (waitpid(proc->pid, &status, WNOHANG)) {
3541 case 0:
3542 /* child still running after timeout, good */
3543 break;
3544 case -1:
3545 if (errno != EINTR) {
3546 /* no PID found ? should never happen */
3547 log_error_write(srv, __FILE__, __LINE__, "sddss",
3548 "pid ", proc->pid, proc->state,
3549 "not found:", strerror(errno));
3550
3551 #if 0
3552 if (errno == ECHILD) {
3553 /* someone else has cleaned up for us */
3554 proc->pid = 0;
3555 proc->state = PROC_STATE_UNSET;
3556 }
3557 #endif
3558 }
3559 break;
3560 default:
3561 /* the child should not terminate at all */
3562 if (WIFEXITED(status)) {
3563 if (proc->state != PROC_STATE_KILLED) {
3564 log_error_write(srv, __FILE__, __LINE__, "sdb",
3565 "child exited:",
3566 WEXITSTATUS(status), proc->connection_name);
3567 }
3568 } else if (WIFSIGNALED(status)) {
3569 if (WTERMSIG(status) != SIGTERM) {
3570 log_error_write(srv, __FILE__, __LINE__, "sd",
3571 "child signaled:",
3572 WTERMSIG(status));
3573 }
3574 } else {
3575 log_error_write(srv, __FILE__, __LINE__, "sd",
3576 "child died somehow:",
3577 status);
3578 }
3579 proc->pid = 0;
3580 if (proc->state == PROC_STATE_RUNNING) host->active_procs--;
3581 proc->state = PROC_STATE_UNSET;
3582 host->max_id--;
3583 }
3584 }
3585 }
3586 }
3587 }
3588
3589 return HANDLER_GO_ON;
3590 }
3591
3592
3593 int mod_fastcgi_plugin_init(plugin *p);
3594 int mod_fastcgi_plugin_init(plugin *p) {
3595 p->version = LIGHTTPD_VERSION_ID;
3596 p->name = buffer_init_string("fastcgi");
3597
3598 p->init = mod_fastcgi_init;
3599 p->cleanup = mod_fastcgi_free;
3600 p->set_defaults = mod_fastcgi_set_defaults;
3601 p->connection_reset = fcgi_connection_reset;
3602 p->handle_connection_close = fcgi_connection_reset;
3603 p->handle_uri_clean = fcgi_check_extension_1;
3604 p->handle_subrequest_start = fcgi_check_extension_2;
3605 p->handle_subrequest = mod_fastcgi_handle_subrequest;
3606 p->handle_trigger = mod_fastcgi_handle_trigger;
3607
3608 p->data = NULL;
3609
3610 return 0;
3611 }
A fast webserver with minimal memory-footprint (lighttpd)